Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
135,688 Commits 3,986 Branches 0 Tags
Commit Graph

237 Commits

Author SHA1 Message Date
dveditz%cruzio.com
48060e3409 Improve enablePrivilege confirmation dialog text and presentation, sanity-check 
privilege names (bug 253942, bug 253944) r=caillon,sr=brendan,a=chofmann,mkaply


git-svn-id: svn://10.0.0.236/trunk@161570 18797224-902f-48f8-a5cc-f745e15eee43
 2004-09-01 07:53:32 +00:00
roc+%cs.cmu.edu
0b0fa89131 Bug 226439. Convert codebase to use AppendLiteral/AssignLiteral/LowerCaseEqualsLiteral. r+sr=darin 
git-svn-id: svn://10.0.0.236/trunk@157992 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-17 00:13:25 +00:00
dveditz%cruzio.com
701ccb5c8d bug 162020 option to delay enabling confirmation buttons r=mkaply,sr=sspitzer 
git-svn-id: svn://10.0.0.236/trunk@157430 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-05 09:26:01 +00:00
mkaply%us.ibm.com
365db455e3 #239580 
r=danm, sr=dveditz
Extend ConfirmEx to allow setting the default button - change default button for script security to no


git-svn-id: svn://10.0.0.236/trunk@156844 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-24 13:33:51 +00:00
roc+%cs.cmu.edu
bdc7e5f59b Bug 226439. Convert Seamonkey to EqualsLiteral. rs=darin 
git-svn-id: svn://10.0.0.236/trunk@156785 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-22 22:15:22 +00:00
bzbarsky%mit.edu
dce306232a Add a version of CheckLoadURI that takes a source principal instead of a source 
URI.  Update a bunch of callers to use it.  Bug 233108, r=caillon, sr=dveditz


git-svn-id: svn://10.0.0.236/trunk@155487 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-25 16:55:27 +00:00
bryner%brianryner.com
3b4b8ed6c9 deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@155049 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-18 00:28:47 +00:00
gerv%gerv.net
98831918fc Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@155044 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-17 21:52:36 +00:00
cbiesinger%web.de
d02f9c7f35 Bug 235504 Remove nsCString::EqualsWithConversion(const char*) 
r=darin sr=dbaron


git-svn-id: svn://10.0.0.236/trunk@154891 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-14 20:09:30 +00:00
jst%mozilla.jstenback.com
d73251183e Backing out the fix for bug 235457 since it made typing URLs, and autocomplete in the the URL bar not work. 
git-svn-id: svn://10.0.0.236/trunk@154028 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-16 19:06:10 +00:00
jst%mozilla.jstenback.com
5cc3ac88a9 Fixing bug 235457. Make new windows opened through window.open be opened on the context of the opener, and make caps not lie about when capabilities are enabled. r=danm-moz@comcast.net, r=caillon@aillon.org, sr=brendan@mozilla.org, a=dbaron@dbaron.org 
git-svn-id: svn://10.0.0.236/trunk@154020 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-16 06:57:54 +00:00
darin%meer.net
af98e4f306 landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin 
git-svn-id: svn://10.0.0.236/trunk@153357 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-28 22:34:07 +00:00
darin%meer.net
9770631282 fixes bug 234916 "Remove global/static NS_NAMED_LITERAL_C?STRING usage [was: Firefox crashes on startup on Mac OS X]" r=jst sr=dbaron 
git-svn-id: svn://10.0.0.236/trunk@153191 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-25 02:08:34 +00:00
jst%mozilla.jstenback.com
854468a176 Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com. 
git-svn-id: svn://10.0.0.236/trunk@152565 18797224-902f-48f8-a5cc-f745e15eee43
 2004-02-09 22:48:53 +00:00
pkw%us.ibm.com
bae37edcfd Bug 228095 - AIX: 64-bit build error in nsScriptSecurityManager.cpp 
r=caillon@aillon.org, sr=brendan@mozilla.org, a=brendan@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@150326 18797224-902f-48f8-a5cc-f745e15eee43
 2003-12-15 18:16:09 +00:00
caillon%returnzero.com
f401257c19 Permit content to link to about:logo 
Bug 223293; r=timeless sr=jst


git-svn-id: svn://10.0.0.236/trunk@148490 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-30 01:35:09 +00:00
caillon%returnzero.com
c1914505cb Re-land patch for bug 83536, merging principal objects. 
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst


git-svn-id: svn://10.0.0.236/trunk@148229 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-21 22:11:49 +00:00
brendan%mozilla.org
da7fa465a7 Better version of last change, thanks to caillon for reminding me. 
git-svn-id: svn://10.0.0.236/trunk@147384 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:55:50 +00:00
brendan%mozilla.org
4981e3ba49 Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz). 
git-svn-id: svn://10.0.0.236/trunk@147383 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:44:33 +00:00
brendan%mozilla.org
53924f1a53 Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky). 
git-svn-id: svn://10.0.0.236/trunk@147382 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-28 04:22:01 +00:00
caillon%returnzero.com
38f33a981a about:about 
Bug 56061
r=bryner@brianryner.com
sr=darin@meer.net


git-svn-id: svn://10.0.0.236/trunk@146846 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-13 19:35:59 +00:00
caillon%returnzero.com
d55b44719f Backing out the patch to bug 83536. 
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann


git-svn-id: svn://10.0.0.236/trunk@146256 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-22 03:06:53 +00:00
caillon%returnzero.com
916e757114 Bug 214949 
Make XUL error pages work again by making GetOrigin() return the full spec for chrome: URIs and preventing principal lookups when the principals hash is empty.
r+sr=jst@netscape.com
a=rjesup@wgate.com


git-svn-id: svn://10.0.0.236/trunk@145830 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-10 02:26:11 +00:00
brendan%mozilla.org
95220b5330 Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron). 
git-svn-id: svn://10.0.0.236/trunk@145624 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-05 20:09:21 +00:00
caillon%returnzero.com
7fe85266fd Adding comments, per bzbarsky. bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145342 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 19:03:00 +00:00
caillon%returnzero.com
c9af458d0a Don't let success of string bundle calls dictate the return value, continue to return errors. Still bug 214050. 
git-svn-id: svn://10.0.0.236/trunk@145325 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 09:07:43 +00:00
caillon%returnzero.com
742898a589 Bug 214050 
Start to localize some of the more common user-visible error messages in caps.
r+sr=bzbarsky@mit.edu


git-svn-id: svn://10.0.0.236/trunk@145319 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-29 05:28:00 +00:00
caillon%returnzero.com
cd46cbbaad Bug 83536. 
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)


git-svn-id: svn://10.0.0.236/trunk@145137 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-24 05:15:20 +00:00
jst%netscape.com
155632c501 Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@144207 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-27 03:10:49 +00:00
timeless%mozdev.org
543383a0e6 Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess). 
bustage (const char*)
sr=jst


git-svn-id: svn://10.0.0.236/trunk@144181 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 03:27:01 +00:00
mstoltz%netscape.com
df95af7f9f Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@144169 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-26 00:18:43 +00:00
jst%netscape.com
ecae24eff4 Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@144108 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-24 21:43:01 +00:00
caillon%returnzero.com
588acb1f7c Bug 163645 - User defined properties of window.navigator are not remembered when a new page is loaded. 
Enable this for websites within the same domain only.
Also, fixes CheckSameOriginPrincipal to just check the principals, and not care whether we have anything on the JS stack.
r=mstoltz, sr=jst


git-svn-id: svn://10.0.0.236/trunk@143900 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-18 23:48:57 +00:00
harishd%netscape.com
893e8e41f1 Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@143644 18797224-902f-48f8-a5cc-f745e15eee43
 2003-06-12 20:18:34 +00:00
dougt%meer.net
e70ad5a847 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 
git-svn-id: svn://10.0.0.236/trunk@143054 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-29 21:56:38 +00:00
dougt%meer.net
43e230ebe2 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 
git-svn-id: svn://10.0.0.236/trunk@143053 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-29 21:51:34 +00:00
mstoltz%netscape.com
d55cb10a60 Bug 163950 - allow opening connections for XML data transfer services when document.domain has been set. r=jst, sr=heikki. 
git-svn-id: svn://10.0.0.236/trunk@143008 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-28 23:22:36 +00:00
dbradley%netscape.com
5878dbec4a bug 205538 - Use hyphens instead of underscores in caps prefs for CID's. r=adamlock, sr=alecf, a=asa 
git-svn-id: svn://10.0.0.236/trunk@142650 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-20 14:19:05 +00:00
jst%netscape.com
394e9fef7e Fixing bug 202994. Make sure the proper security check is done when converting the result of a JS expression in a javascript: URL to a string. r=mstoltz@netscape.com, sr=brendan@mozilla.org, a=asa@mozilla.org 
git-svn-id: svn://10.0.0.236/trunk@142350 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-12 22:23:52 +00:00
brendan%mozilla.org
409a6a96a8 Fix overbroad getter/setter access check to apply only to scripted getters/setters; fix wrong object class name in error messages (198660, r=mstoltz, sr=jst, a=asa). 
git-svn-id: svn://10.0.0.236/trunk@142248 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-09 00:40:50 +00:00
jst%netscape.com
6f39df51bc Fixing bug 201132. Always use the JSPrincipals from the target object when compiling event handlers, never use the principals of the global object in which the event handler is compiled. Also make sure we never use the principals that are precompiled into cloned Functions, always get the principal from the Function's scope in such cases. r=mstoltz@netscape.com (and heikki@netscape.com), sr=brendan@mozilla.org 
git-svn-id: svn://10.0.0.236/trunk@141333 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-17 20:21:00 +00:00
mstoltz%netscape.com
00529830be Bug 188229 - adding new security check function that allows component instantiation by CID. r=dveditz, sr=heikki. *not part of build yet* 
git-svn-id: svn://10.0.0.236/trunk@139306 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-12 02:17:37 +00:00
timeless%mozdev.org
7f19212039 Bug 196340 Change NS_REINTERPRET_CAST(nsIScriptContext*, JS_GetContextPrivate(cx)) to use Static Cast 
r=mstoltz sr=heikki


git-svn-id: svn://10.0.0.236/trunk@139117 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-07 21:54:28 +00:00
brendan%mozilla.org
a5ad42fb1b Generalize the JS_SetCheckObjectAccessCallback hook implemented here to deal with user-defined getters and setters (92773, r=mstoltz, sr=jst). 
git-svn-id: svn://10.0.0.236/trunk@139037 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-06 19:40:14 +00:00
rginda%netscape.com
ce1ca0b4c1 bug 191773, r=mstoltz, a=dbaron@dbaron.org 
only allow x-jsd: urls from chrome: and resource:


git-svn-id: svn://10.0.0.236/trunk@137399 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-05 01:27:56 +00:00
sfraser%netscape.com
b3ed7e7caf Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@136464 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-17 01:00:15 +00:00
dbaron%dbaron.org
30879d2c9e Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it's no longer needed. r=timeless sr=jag 
git-svn-id: svn://10.0.0.236/trunk@135991 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-08 19:24:38 +00:00
mstoltz%netscape.com
51f2a63b0c Bug 168316 - When calling from Java into JS, add a "dummy" JS stack frame with 
principal information for the security manager. r=dveditz, sr=jst, a=chofmann.


git-svn-id: svn://10.0.0.236/trunk@132679 18797224-902f-48f8-a5cc-f745e15eee43
 2002-10-30 03:15:59 +00:00
sspitzer%netscape.com
05fe9776e8 fix for #168136. r=mstoltz, sr=dveditz. 
for pref controlled schemes, allow access if source scheme is chrome or res.
needed for the new "view filter log UI".


git-svn-id: svn://10.0.0.236/trunk@129410 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-12 20:27:07 +00:00
dougt%netscape.com
e289284076 166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com 
git-svn-id: svn://10.0.0.236/trunk@129050 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-07 17:13:19 +00:00