Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
124,875 Commits 3,986 Branches 0 Tags
Commit Graph

410 Commits

Author SHA1 Message Date
brendan%mozilla.org
da7fa465a7 Better version of last change, thanks to caillon for reminding me. 
git-svn-id: svn://10.0.0.236/trunk@147384 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:55:50 +00:00
brendan%mozilla.org
4981e3ba49 Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz). 
git-svn-id: svn://10.0.0.236/trunk@147383 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:44:33 +00:00
brendan%mozilla.org
53924f1a53 Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky). 
git-svn-id: svn://10.0.0.236/trunk@147382 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:22:01 +00:00
caillon%returnzero.com
38f33a981a about:about 
Bug 56061
r=bryner@brianryner.com
sr=darin@meer.net


git-svn-id: svn://10.0.0.236/trunk@146846 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-13 19:35:59 +00:00
bryner%brianryner.com
260b09f147 Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan. 
git-svn-id: svn://10.0.0.236/trunk@146613 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-07 21:37:51 +00:00
caillon%returnzero.com
d55b44719f Backing out the patch to bug 83536. 
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann


git-svn-id: svn://10.0.0.236/trunk@146256 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-22 03:06:53 +00:00
caillon%returnzero.com
8bd93e8b6d Bug 216234 
Calling operator delete on an nsAutoPtr isn't good.
r+sr=dbaron@dbaron.org
a=asa@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@146208 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-20 00:40:13 +00:00
caillon%returnzero.com
916e757114 Bug 214949 
Make XUL error pages work again by making GetOrigin() return the full spec for chrome: URIs and preventing principal lookups when the principals hash is empty.
r+sr=jst@netscape.com
a=rjesup@wgate.com


git-svn-id: svn://10.0.0.236/trunk@145830 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-10 02:26:11 +00:00
brendan%mozilla.org
95220b5330 Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron). 
git-svn-id: svn://10.0.0.236/trunk@145624 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-05 20:09:21 +00:00
caillon%returnzero.com
7fe85266fd Adding comments, per bzbarsky. bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145342 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 19:03:00 +00:00
caillon%returnzero.com
c9af458d0a Don't let success of string bundle calls dictate the return value, continue to return errors. Still bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145325 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 09:07:43 +00:00
caillon%returnzero.com
742898a589 Bug 214050 
Start to localize some of the more common user-visible error messages in caps.
r+sr=bzbarsky@mit.edu


git-svn-id: svn://10.0.0.236/trunk@145319 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 05:28:00 +00:00
caillon%returnzero.com
eb5d77e5d2 Init mSecurityPolicy. This somehow got lost in between the last two revisions of my patch to bug 83536. 
r=timeless,sr=bzbarsky on IRC.


git-svn-id: svn://10.0.0.236/trunk@145242 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-27 07:00:25 +00:00
caillon%returnzero.com
ee8fbe535c 213796 - Crash In CAPS.DLL On Startup [@ nsPrincipal::GetHashValue] 
r+sr+caillonIsStupid=bzbarsky@mit.edu


git-svn-id: svn://10.0.0.236/trunk@145241 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-27 04:08:48 +00:00
caillon%returnzero.com
aa18e68f01 Bug 213847. Prompt the user for what to do if we don't know whether we can grant a capability. 
r+sr=bzbarsky@mit.edu


git-svn-id: svn://10.0.0.236/trunk@145206 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-25 19:23:17 +00:00
caillon%returnzero.com
cd46cbbaad Bug 83536. 
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)


git-svn-id: svn://10.0.0.236/trunk@145137 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-24 05:15:20 +00:00
jst%netscape.com
155632c501 Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@144207 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-27 03:10:49 +00:00
timeless%mozdev.org
543383a0e6 Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess). 
bustage (const char*)
sr=jst


git-svn-id: svn://10.0.0.236/trunk@144181 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 03:27:01 +00:00
mstoltz%netscape.com
df95af7f9f Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@144169 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 00:18:43 +00:00
jst%netscape.com
ecae24eff4 Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@144108 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-24 21:43:01 +00:00
caillon%returnzero.com
588acb1f7c Bug 163645 - User defined properties of window.navigator are not remembered when a new page is loaded. 
Enable this for websites within the same domain only.
Also, fixes CheckSameOriginPrincipal to just check the principals, and not care whether we have anything on the JS stack.
r=mstoltz, sr=jst


git-svn-id: svn://10.0.0.236/trunk@143900 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-18 23:48:57 +00:00
harishd%netscape.com
893e8e41f1 Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@143644 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-12 20:18:34 +00:00
seawood%netscape.com
06e1507b0c Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev 
git-svn-id: svn://10.0.0.236/trunk@143527 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-10 21:18:27 +00:00
dougt%meer.net
e70ad5a847 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 
git-svn-id: svn://10.0.0.236/trunk@143054 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-29 21:56:38 +00:00
dougt%meer.net
43e230ebe2 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 
git-svn-id: svn://10.0.0.236/trunk@143053 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-29 21:51:34 +00:00
timeless%mozdev.org
235ae5e2a0 Bug 207328 @mozilla.org/scriptsecuritymanager;1 isn't registering itself correctly as an app-startup observer service 
r=mstoltz sr=alecf


git-svn-id: svn://10.0.0.236/trunk@143023 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-29 04:27:03 +00:00
mstoltz%netscape.com
d55cb10a60 Bug 163950 - allow opening connections for XML data transfer services when document.domain has been set. r=jst, sr=heikki. 
git-svn-id: svn://10.0.0.236/trunk@143008 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-28 23:22:36 +00:00
dwitte%stanford.edu
dc7e857400 bug 100649: Length() being used where IsEmpty() is meant 
treewide changes to convert incorrect usages of string.Length() to string.IsEmpty().

thanks to afatecha@idea.com.py (Ariel Fatecha) for the patch. r=dwitte, sr=jst.

got the ok from Asa to land into a closed tree.


git-svn-id: svn://10.0.0.236/trunk@142828 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-23 21:34:47 +00:00
dbradley%netscape.com
5878dbec4a bug 205538 - Use hyphens instead of underscores in caps prefs for CID's. r=adamlock, sr=alecf, a=asa 
git-svn-id: svn://10.0.0.236/trunk@142650 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-20 14:19:05 +00:00
jst%netscape.com
394e9fef7e Fixing bug 202994. Make sure the proper security check is done when converting the result of a JS expression in a javascript: URL to a string. r=mstoltz@netscape.com, sr=brendan@mozilla.org, a=asa@mozilla.org 
git-svn-id: svn://10.0.0.236/trunk@142350 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-12 22:23:52 +00:00
brendan%mozilla.org
409a6a96a8 Fix overbroad getter/setter access check to apply only to scripted getters/setters; fix wrong object class name in error messages (198660, r=mstoltz, sr=jst, a=asa). 
git-svn-id: svn://10.0.0.236/trunk@142248 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-09 00:40:50 +00:00
dbradley%netscape.com
60e176365d Another dummy change to cause beast to rebuild caps 
git-svn-id: svn://10.0.0.236/trunk@141968 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-30 09:19:50 +00:00
mkaply%us.ibm.com
435fbdbda5 IRIX bustage 
git-svn-id: svn://10.0.0.236/trunk@141666 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-23 04:28:41 +00:00
mstoltz%netscape.com
0cc266ec31 Bug 180749 - when remembering granted privileges for file://pages, grant privilege for that page only, not the whole local file system. r=jst, sr=heikki. 
git-svn-id: svn://10.0.0.236/trunk@141642 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-23 00:21:02 +00:00
jst%netscape.com
6f39df51bc Fixing bug 201132. Always use the JSPrincipals from the target object when compiling event handlers, never use the principals of the global object in which the event handler is compiled. Also make sure we never use the principals that are precompiled into cloned Functions, always get the principal from the Function's scope in such cases. r=mstoltz@netscape.com (and heikki@netscape.com), sr=brendan@mozilla.org 
git-svn-id: svn://10.0.0.236/trunk@141333 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-17 20:21:00 +00:00
locka%iol.ie
19052a738f Define XPC_IDISPATCH_SUPPORT when building caps if necessary. b=198117 r=dbradley@netscape.com sr=alec@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@139835 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-20 12:10:04 +00:00
rginda%netscape.com
819a79d39d bug 170585, Scriptable streams are broken; r=darinf, sr=dougt 
update to readdata caller


git-svn-id: svn://10.0.0.236/trunk@139399 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-13 21:24:37 +00:00
mstoltz%netscape.com
00529830be Bug 188229 - adding new security check function that allows component instantiation by CID. r=dveditz, sr=heikki. *not part of build yet* 
git-svn-id: svn://10.0.0.236/trunk@139306 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-12 02:17:37 +00:00
timeless%mozdev.org
7f19212039 Bug 196340 Change NS_REINTERPRET_CAST(nsIScriptContext*, JS_GetContextPrivate(cx)) to use Static Cast 
r=mstoltz sr=heikki


git-svn-id: svn://10.0.0.236/trunk@139117 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-07 21:54:28 +00:00
brendan%mozilla.org
a5ad42fb1b Generalize the JS_SetCheckObjectAccessCallback hook implemented here to deal with user-defined getters and setters (92773, r=mstoltz, sr=jst). 
git-svn-id: svn://10.0.0.236/trunk@139037 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-06 19:40:14 +00:00
rginda%netscape.com
ce1ca0b4c1 bug 191773, r=mstoltz, a=dbaron@dbaron.org 
only allow x-jsd: urls from chrome: and resource:


git-svn-id: svn://10.0.0.236/trunk@137399 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-05 01:27:56 +00:00
seawood%netscape.com
5e5146a122 Whitespace change to trigger rebuild of libs that depend upon zlib. 
git-svn-id: svn://10.0.0.236/trunk@137127 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-30 05:53:29 +00:00
bryner%netscape.com
471802c3fa fixing IRIX bustage (^M's from mstoltz's checkin) 
git-svn-id: svn://10.0.0.236/trunk@136953 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-25 03:58:38 +00:00
mstoltz%netscape.com
c837a27778 Bug 189799 - Ignore username:password portion of URL when making URL comparisons for security. r=heikki, sr=jst, a=asa 
git-svn-id: svn://10.0.0.236/trunk@136946 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-25 01:43:37 +00:00
sfraser%netscape.com
b3ed7e7caf Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@136464 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-17 01:00:15 +00:00
dbaron%dbaron.org
30879d2c9e Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it's no longer needed. r=timeless sr=jag 
git-svn-id: svn://10.0.0.236/trunk@135991 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-08 19:24:38 +00:00
caillon%returnzero.com
360f61e8a1 184257 - Updating pref callers. r=timeless sr=bzbarsky 
git-svn-id: svn://10.0.0.236/trunk@135983 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-08 08:40:41 +00:00
seawood%netscape.com
f8f86e7f05 Start installing GRE libraries & components into a separate dist/gre directory as part of the default build. 
Bug #186241 r=dougt


git-svn-id: svn://10.0.0.236/trunk@135661 18797224-902f-48f8-a5cc-f745e15eee43
 2002-12-28 01:15:07 +00:00
alecf%netscape.com
e38457c675 take two at fixing bug 177401 - convert nsIBinaryStream over to using nsAString/nsACString for string values, to speed up fastload 
sr=darin, r=dougt
(the previous checkin had a typo which disabled fastload entirely!)


git-svn-id: svn://10.0.0.236/trunk@133832 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-14 18:16:31 +00:00
alecf%netscape.com
1c16ef7f73 argh, back out my last checkin because Ts went UP not down! 
git-svn-id: svn://10.0.0.236/trunk@133447 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-09 01:31:32 +00:00