Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
167,756 Commits 3,986 Branches 0 Tags
7a4f0852befa4d24f3cf270dbc3ff8a08045bc01
Commit Graph

306 Commits

Author SHA1 Message Date
brendan%mozilla.org
8a855528ea Fix comment from last night to match today's code. 
git-svn-id: svn://10.0.0.236/trunk@173040 18797224-902f-48f8-a5cc-f745e15eee43
 2005-05-04 18:58:24 +00:00
brendan%mozilla.org
36aee01960 Undo gist of last change for now, it breaks too much even though it's safer. 
git-svn-id: svn://10.0.0.236/trunk@173037 18797224-902f-48f8-a5cc-f745e15eee43
 2005-05-04 16:19:31 +00:00
brendan%mozilla.org
8695afc4e4 Find active native function principals when walking the JS stack, and beef up eval-ish native safeguards (281988, r=shaver/caillon, sr=jst, a=drivers). 
git-svn-id: svn://10.0.0.236/trunk@173030 18797224-902f-48f8-a5cc-f745e15eee43
 2005-05-04 06:28:36 +00:00
bzbarsky%mit.edu
3ef1503a5f Fix crashes when privilegeManager methods are called by setting our our param 
on success return.  Bug 289991 and bug 289925, r=caillon, sr=dbaron, a=dbaron


git-svn-id: svn://10.0.0.236/trunk@172019 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-12 05:13:26 +00:00
bzbarsky%mit.edu
527175c5da Do less addrefing of principals in the script security manager. Bug 289643, 
r=caillon, sr=brendan, a=asa


git-svn-id: svn://10.0.0.236/trunk@171945 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-10 23:27:07 +00:00
brendan%mozilla.org
01efe388a9 Revert kludge, want a general fix. 
git-svn-id: svn://10.0.0.236/trunk@171865 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-07 19:48:57 +00:00
brendan%mozilla.org
41903388e1 Stop evals and Script object calls/execs that cross trust domains (289074, r=shaver, sr=jst, a=drivers). 
git-svn-id: svn://10.0.0.236/trunk@171838 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-07 02:22:24 +00:00
timeless%mozdev.org
43edd35b64 Bug 239967 prototype for nsScriptSecurityManager::GetPrincipalFromContext is wrong 
r=dveditz sr=dveditz


git-svn-id: svn://10.0.0.236/trunk@171311 18797224-902f-48f8-a5cc-f745e15eee43
 2005-03-29 03:12:12 +00:00
bryner%brianryner.com
d73c7fa274 Inline access to XPCWrappedNative's nsISupports pointer, with do_QueryWrappedNative nsCOMPtr helper (bug 285404). r=jst, sr=darin. 
git-svn-id: svn://10.0.0.236/trunk@170483 18797224-902f-48f8-a5cc-f745e15eee43
 2005-03-10 00:39:28 +00:00
gandalf%firefox.pl
614ee4af8e bug 279768: Bring build system to work with --enable-ui-locale; r=bsmedberg; a=doron on webservices move 
git-svn-id: svn://10.0.0.236/trunk@170385 18797224-902f-48f8-a5cc-f745e15eee43
 2005-03-08 17:21:36 +00:00
bsmedberg%covad.net
fc4099e666 Bug 281414 - global s/nsIPrefBranchInternal/nsIPrefBranch2/ rs=darin (did not change backwards-compatible code in extensions/irc extensions/venkman or extensions/inspector) 
git-svn-id: svn://10.0.0.236/trunk@169868 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-25 20:46:35 +00:00
bzbarsky%mit.edu
f661fbfa84 Remove special-casing so non-chrome-principal pages, even with chrome: uris, 
can have script disabled as needed.  Bug 280120, r=peterv, sr=neil


git-svn-id: svn://10.0.0.236/trunk@169613 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-22 21:18:31 +00:00
cbiesinger%web.de
36df735fb8 Bug 269661 make libpref not depend on caps 
r=caillon sr=dveditz


git-svn-id: svn://10.0.0.236/trunk@168870 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-06 12:39:31 +00:00
jshin%mailaps.org
3ad995326c bug 280613 : checkLoadURIStr of nsIScriptSecurityManager should accept AUTF8String istead of string (for IDN), r=dveditz, sr=darin 
git-svn-id: svn://10.0.0.236/trunk@168696 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-02 07:17:53 +00:00
bzbarsky%mit.edu
ceee542316 Add about:license and about:licence and make about: link to them. Bug 256945, 
r=gerv, sr=darin


git-svn-id: svn://10.0.0.236/trunk@168206 18797224-902f-48f8-a5cc-f745e15eee43
 2005-01-23 21:02:36 +00:00
timeless%mozdev.org
8eef869750 Bug 261339 Setting capability.policy.default.Window.top to noAccess seems to crash mozilla 
r=caillon sr=dveditz


git-svn-id: svn://10.0.0.236/trunk@165018 18797224-902f-48f8-a5cc-f745e15eee43
 2004-11-05 16:54:09 +00:00
timeless%mozdev.org
f437907894 Bug 267311 netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect") in a XBL constructor make mozilla crash. [@ JS_FrameIterator] 
r=dveditz sr=jst


git-svn-id: svn://10.0.0.236/trunk@165009 18797224-902f-48f8-a5cc-f745e15eee43
 2004-11-05 15:25:04 +00:00
bzbarsky%mit.edu
52e1c648d9 Make it possible to disable checkloaduri on a per-site basis instead of 
disabling it globally.  Bug 233108, r=caillon, sr=jst


git-svn-id: svn://10.0.0.236/trunk@164854 18797224-902f-48f8-a5cc-f745e15eee43
 2004-11-03 15:45:52 +00:00
jst%mozilla.jstenback.com
9a84339353 Re-enabling the fix for bug 69070 and optimizing some string code in caps that was for sure part of the reason for the Tp regression, and use CheckLoadURIWithPrincipal() to be more correct. r+sr=bzbarsky@mit.edu 
git-svn-id: svn://10.0.0.236/trunk@163825 18797224-902f-48f8-a5cc-f745e15eee43
 2004-10-15 16:34:58 +00:00
dveditz%cruzio.com
48060e3409 Improve enablePrivilege confirmation dialog text and presentation, sanity-check 
privilege names (bug 253942, bug 253944) r=caillon,sr=brendan,a=chofmann,mkaply


git-svn-id: svn://10.0.0.236/trunk@161570 18797224-902f-48f8-a5cc-f745e15eee43
 2004-09-01 07:53:32 +00:00
roc+%cs.cmu.edu
0b0fa89131 Bug 226439. Convert codebase to use AppendLiteral/AssignLiteral/LowerCaseEqualsLiteral. r+sr=darin 
git-svn-id: svn://10.0.0.236/trunk@157992 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-17 00:13:25 +00:00
dveditz%cruzio.com
701ccb5c8d bug 162020 option to delay enabling confirmation buttons r=mkaply,sr=sspitzer 
git-svn-id: svn://10.0.0.236/trunk@157430 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-05 09:26:01 +00:00
mkaply%us.ibm.com
365db455e3 #239580 
r=danm, sr=dveditz
Extend ConfirmEx to allow setting the default button - change default button for script security to no


git-svn-id: svn://10.0.0.236/trunk@156844 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-24 13:33:51 +00:00
roc+%cs.cmu.edu
bdc7e5f59b Bug 226439. Convert Seamonkey to EqualsLiteral. rs=darin 
git-svn-id: svn://10.0.0.236/trunk@156785 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-22 22:15:22 +00:00
bzbarsky%mit.edu
dce306232a Add a version of CheckLoadURI that takes a source principal instead of a source 
URI.  Update a bunch of callers to use it.  Bug 233108, r=caillon, sr=dveditz


git-svn-id: svn://10.0.0.236/trunk@155487 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-25 16:55:27 +00:00
bryner%brianryner.com
3b4b8ed6c9 deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@155049 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-18 00:28:47 +00:00
gerv%gerv.net
98831918fc Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@155044 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-17 21:52:36 +00:00
cbiesinger%web.de
d02f9c7f35 Bug 235504 Remove nsCString::EqualsWithConversion(const char*) 
r=darin sr=dbaron


git-svn-id: svn://10.0.0.236/trunk@154891 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-14 20:09:30 +00:00
jst%mozilla.jstenback.com
d73251183e Backing out the fix for bug 235457 since it made typing URLs, and autocomplete in the the URL bar not work. 
git-svn-id: svn://10.0.0.236/trunk@154028 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-16 19:06:10 +00:00
jst%mozilla.jstenback.com
5cc3ac88a9 Fixing bug 235457. Make new windows opened through window.open be opened on the context of the opener, and make caps not lie about when capabilities are enabled. r=danm-moz@comcast.net, r=caillon@aillon.org, sr=brendan@mozilla.org, a=dbaron@dbaron.org 
git-svn-id: svn://10.0.0.236/trunk@154020 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-16 06:57:54 +00:00
darin%meer.net
af98e4f306 landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin 
git-svn-id: svn://10.0.0.236/trunk@153357 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-28 22:34:07 +00:00
darin%meer.net
9770631282 fixes bug 234916 "Remove global/static NS_NAMED_LITERAL_C?STRING usage [was: Firefox crashes on startup on Mac OS X]" r=jst sr=dbaron 
git-svn-id: svn://10.0.0.236/trunk@153191 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-25 02:08:34 +00:00
jst%mozilla.jstenback.com
854468a176 Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com. 
git-svn-id: svn://10.0.0.236/trunk@152565 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-09 22:48:53 +00:00
pkw%us.ibm.com
bae37edcfd Bug 228095 - AIX: 64-bit build error in nsScriptSecurityManager.cpp 
r=caillon@aillon.org, sr=brendan@mozilla.org, a=brendan@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@150326 18797224-902f-48f8-a5cc-f745e15eee43
 2003-12-15 18:16:09 +00:00
caillon%returnzero.com
f401257c19 Permit content to link to about:logo 
Bug 223293; r=timeless sr=jst


git-svn-id: svn://10.0.0.236/trunk@148490 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-30 01:35:09 +00:00
caillon%returnzero.com
c1914505cb Re-land patch for bug 83536, merging principal objects. 
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst


git-svn-id: svn://10.0.0.236/trunk@148229 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-21 22:11:49 +00:00
brendan%mozilla.org
da7fa465a7 Better version of last change, thanks to caillon for reminding me. 
git-svn-id: svn://10.0.0.236/trunk@147384 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:55:50 +00:00
brendan%mozilla.org
4981e3ba49 Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz). 
git-svn-id: svn://10.0.0.236/trunk@147383 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:44:33 +00:00
brendan%mozilla.org
53924f1a53 Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky). 
git-svn-id: svn://10.0.0.236/trunk@147382 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:22:01 +00:00
caillon%returnzero.com
38f33a981a about:about 
Bug 56061
r=bryner@brianryner.com
sr=darin@meer.net


git-svn-id: svn://10.0.0.236/trunk@146846 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-13 19:35:59 +00:00
caillon%returnzero.com
d55b44719f Backing out the patch to bug 83536. 
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann


git-svn-id: svn://10.0.0.236/trunk@146256 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-22 03:06:53 +00:00
caillon%returnzero.com
916e757114 Bug 214949 
Make XUL error pages work again by making GetOrigin() return the full spec for chrome: URIs and preventing principal lookups when the principals hash is empty.
r+sr=jst@netscape.com
a=rjesup@wgate.com


git-svn-id: svn://10.0.0.236/trunk@145830 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-10 02:26:11 +00:00
brendan%mozilla.org
95220b5330 Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron). 
git-svn-id: svn://10.0.0.236/trunk@145624 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-05 20:09:21 +00:00
caillon%returnzero.com
7fe85266fd Adding comments, per bzbarsky. bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145342 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 19:03:00 +00:00
caillon%returnzero.com
c9af458d0a Don't let success of string bundle calls dictate the return value, continue to return errors. Still bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145325 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 09:07:43 +00:00
caillon%returnzero.com
742898a589 Bug 214050 
Start to localize some of the more common user-visible error messages in caps.
r+sr=bzbarsky@mit.edu


git-svn-id: svn://10.0.0.236/trunk@145319 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 05:28:00 +00:00
caillon%returnzero.com
cd46cbbaad Bug 83536. 
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)


git-svn-id: svn://10.0.0.236/trunk@145137 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-24 05:15:20 +00:00
jst%netscape.com
155632c501 Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@144207 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-27 03:10:49 +00:00
timeless%mozdev.org
543383a0e6 Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess). 
bustage (const char*)
sr=jst


git-svn-id: svn://10.0.0.236/trunk@144181 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 03:27:01 +00:00
mstoltz%netscape.com
df95af7f9f Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@144169 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 00:18:43 +00:00