corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
630,513 Commits 1 Branch 0 Tags
5000c387e8af184309c0942cd20b660db6ebce7a
Commit Graph

256 Commits

Author SHA1 Message Date
Gijs Kruitbosch
d1f846a970 Bug 1309310, r=bz 
MozReview-Commit-ID: KLaMv6zfxR8
 2016-11-09 18:25:11 +00:00
Christoph Kerschbaumer
304a72b87f Bug 1308889 - Try to explicitly pass aTriggeringPrincipal and aPrincipalToInherit to DoURILoad(). r=bz 2016-11-08 07:23:12 +01:00
Dave Huseby
5431eeef89 Bug 1189086 - Eliminate nsIPrincipal::jarPrefix. r=dveditz 2016-10-24 13:52:00 +02:00
Tom Tromey
fad2c810d6 Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie 
MozReview-Commit-ID: DD3DJRkOxmC
 2016-10-11 12:44:40 -06:00
Sebastian Hengst
ac4e31ada2 Backed out changeset 2bfd163f23f9 (bug 553032) 2016-10-19 18:29:36 +02:00
Tom Tromey
371584f1db Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie 
MozReview-Commit-ID: DD3DJRkOxmC
 2016-10-11 12:44:40 -06:00
Christoph Kerschbaumer
75f4b7cfca Bug 1305012 - Downgrade a new channel's principal to NullPrincipal. r=smaug 2016-10-05 21:19:51 +02:00
Cameron McCormack
6cb613ea54 Bug 1300720 - Part 2: Lazily initialize nsScriptSecurityManager::mFileURIWhitelist. r=bholley 
MozReview-Commit-ID: 8cqHUlOnsEH
 2016-10-03 12:43:17 +08:00
Olli Pettay
8f6bc77921 Bug 1306300, null check nsILoadContext in GetLoadContextCodebasePrincipal, r=baku 2016-09-29 20:31:50 +03:00
Gijs Kruitbosch
671c563976 Bug 1290668 - unbreak view-source links between http and https pages, r=smaug 
MozReview-Commit-ID: B4nXTkMC5LE
 2016-09-27 13:31:53 +01:00
Tooru Fujisawa
e2afbe3471 Bug 1289050 - Part 2: Use ASCII or Latin1 variants of JS_ReportError in not-simple cases. r=jwalden 2016-08-15 19:20:01 +09:00
Ehsan Akhgari
0a2b381a4b Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley 2016-09-22 13:27:33 -04:00
Christoph Kerschbaumer
33bcdc34ea Bug 1297338 - Introduce concept of principalToInherit to docshell and scriptSecurityManager. r=bz 2016-09-20 08:36:25 +02:00
Yoshi Huang
c346f0771b Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 10:25:58 +08:00
Sebastian Hengst
0d9509f866 Backed out changeset b9afda2804fd (bug 1260931) 2016-09-05 21:15:29 +02:00
Yoshi Huang
f1abf881e7 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 01:50:30 +08:00
Wes Kocher
86da21f7ac Backed out changeset 1e7eb0625d3e (bug 1297687) a=merge 2016-09-02 13:18:37 -07:00
Sebastian Hengst
cdc0721c8b Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 15:33:51 +02:00
Sebastian Hengst
56d09d1e93 Backed out 5 changesets (bug 1260931) 
Backed out changeset 86e1a437021b (bug 1260931)
Backed out changeset be65e87da9e3 (bug 1260931)
Backed out changeset 39cff1d988fd (bug 1260931)
Backed out changeset 2fa7c4d8a5bc (bug 1260931)
Backed out changeset 075d612841fb (bug 1260931)
 2016-09-02 14:55:59 +02:00
Sebastian Hengst
8857c3cbc4 Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 14:38:42 +02:00
Yoshi Huang
e24acd9a60 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-02 15:04:40 +08:00
Nicholas Nethercote
887efe04d5 Bug 1299727 - Rename NS_WARN_IF_FALSE as NS_WARNING_ASSERTION. r=erahm. 
The new name makes the sense of the condition much clearer. E.g. compare:

  NS_WARN_IF_FALSE(!rv.Failed());

with:

  NS_WARNING_ASSERTION(!rv.Failed());

The new name also makes it clearer that it only has effect in debug builds,
because that's standard for assertions.
 2016-09-01 15:01:16 +10:00
Ehsan Akhgari
49afa7cd3f Bug 1297687 - Use the OriginAttributes associated with a window principal when creating a Sandbox with an expanded principal; r=baku 2016-09-01 14:34:23 -04:00
Jan de Mooij
bd0f1c9018 Bug 1292892 part 1 - Stop using JSRuntime outside SpiderMonkey. r=bz,terrence,fitzgen,kanru 2016-08-11 14:39:22 +02:00
Andrew McCreight
952305b0f9 Bug 1292289, part 2 - Remove includes of xpcprivate.h in caps/. r=mrbkap 
Also remove some unused nsIXPConnect headers.

With the prior patch and this patch, touching xpcprivate.h does not
require rebuilding the caps directory.

MozReview-Commit-ID: HAL0FscGqjM
 2016-08-04 11:19:24 -07:00
Yoshi Huang
480077c0b6 Bug 1287073 - remove SEC_FORCE_INHERIT_PRINCIPAL_WAS_DROPPED from nsILoadInfo r=sicking 2016-07-28 15:56:32 +08:00
Chris Peterson
6c0f810682 Bug 1277106 - Part 2: Expand MOZ_UTF16() strings to u"" string literals. r=Waldo 2016-07-20 22:03:25 -07:00
Gijs Kruitbosch
6447be87cf Bug 1281787, r=bz 
MozReview-Commit-ID: JLdLD57pF87
 2016-07-13 12:05:22 +01:00
Jan de Mooij
19682be3ac Bug 1283855 part 20 - Make more principals code take JSContext instead of JSRuntime. r=luke 2016-07-05 16:49:46 +02:00
Jan de Mooij
c9a160c5f1 Bug 1283855 part 19 - Make security callbacks take JSContext instead of JSRuntime. r=jorendorff 2016-07-05 16:49:44 +02:00
Jonathan Watt
9c5b8de022 Bug 1279451 - Remove a lot of unnecessary includes of nsAutoPtr.h. rs=sparky 2016-06-07 21:10:18 +01:00
Nicholas Nethercote
9165c82198 Bug 1277104 - Add strings to high-frequency MOZ_CRASH() occurrences. mccr8. 
Some of these are guesses; it's not always clear from a crash report stack
trace which MOZ_CRASH() was hit.
 2016-06-09 13:09:58 +10:00
Gijs Kruitbosch
cf895152ae Bug 1277583, r=bz 
MozReview-Commit-ID: E9gNZAOQzG9
 2016-06-02 19:42:21 +01:00
Jonathan Hao
2a932ab0e2 Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking 
MozReview-Commit-ID: Frx0CjBzuve
 2016-05-24 18:01:34 +08:00
Boris Zbarsky
8386016c45 Bug 1275698. Get rid of nsScriptSecurityManager::ScriptAllowed and replace it with xpc::Scriptability::Get(obj).Allowed() for better performance and less indirection. r=khuey 2016-05-27 20:26:56 -04:00
Boris Zbarsky
6df828a524 Bug 1276138. Remove the current/safe JSContext getters from nsScriptSecurityManager. r=mrbkap 2016-05-27 13:28:14 -04:00
Chris Peterson
c5970906b3 Bug 1274415 - Fix -Wshadow warnings in caps/ directory. r=dveditz 
caps/BasePrincipal.cpp:562:28 [-Wshadow] declaration shadows a local variable
caps/nsScriptSecurityManager.cpp:675:18 [-Wshadow] declaration shadows a local variable
caps/nsScriptSecurityManager.cpp:854:14 [-Wshadow] declaration shadows a local variable
 2016-05-19 01:04:46 -07:00
Jonathan Watt
6f81513923 Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz 
MozReview-Commit-ID: 4QwM1y6wRb
 2016-04-28 11:13:09 +01:00
Sebastian Hengst
3d2ce65e01 Backed out changeset c32539fd746a (bug 1162772) 2016-04-30 09:54:01 +02:00
Jonathan Watt
5cb60c2c0b Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz 
MozReview-Commit-ID: 4QwM1y6wRb
 2016-04-28 11:13:09 +01:00
Yoshi Huang
2b116e8616 Bug 1263496 - Part 3: fix for nsNullPrincipal::Create 
This fixed the locations listed by
http://searchfox.org/mozilla-central/search?q=nsNullPrincipal::Create(&redirect=true
that needs to inherit origin attributes.
 2016-04-27 18:38:07 +08:00
Tanvi Vyas
d0fb122eb2 Bug 1105556 - Call Create(originAttributes) when loadinfo->loadingPrincipal is null, instead of CreatePrincipalWithInheritedAttributes(). r=sicking 2016-04-13 16:30:22 -07:00
Dave Huseby
82ec96b887 Bug 1237479 -- nsScriptSecurityManager needs to use the correct user context id in the origin attributes in a few places. r=sicking 2016-04-01 22:36:00 -04:00
Benjamin Bouvier
e9e5750ced Bug 1251308; r=luke 
MozReview-Commit-ID: AqsMX4m7Qh9
 2016-03-09 11:20:11 +01:00
J. Ryan Stinnett
0a5be07579 Bug 1238160 - Add assertions in non-desktop code paths. r=bz,fabrice 
Several code paths try to ask the principal if it's in a browser element, but
the principal now only knows about *isolated* browser elements.  All such code
paths are currently unused on desktop.  The frame loader now asserts that
isolation remains enabled for cases where apps are used.

MozReview-Commit-ID: 775DZecc35t
 2016-03-02 10:35:56 -06:00
J. Ryan Stinnett
f6d23d0dde Bug 1238160 - Rename OriginAttributes.mInBrowser and associated methods. r=bz,mayhemer 
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement.  Other
methods that pass these values around also have name changes.

Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc.  No changes are made to any
serialization formats.  Only runtime method and variable names are updated.

No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations.  These are corrected in subsequent patches
focused on behavior.

MozReview-Commit-ID: 66HfMlsXFLs
 2016-03-02 10:35:56 -06:00
Boris Zbarsky
eeb98bb29d Bug 1251311. JS::DescribeScriptedCaller can't throw JS exceptions. Adjust some callers accordingly. r=khuey 2016-02-26 15:23:13 -05:00
Yoshi Huang
f70f96654c Bug 1240651 - Annotate addonId into crash report (r=bholley) 2016-02-01 16:05:53 -08:00
Gijs Kruitbosch
eb9cdf73fb Bug 1172165 - check all nested URI schemes in CAPS. Make view-source dangerous to load, and about: URIs use per-URI flags so they keep working, r=bz 
Also, add an opt-out for crashtest/reftest for the view-source thing so they don't all break, r=bz
 2015-12-11 08:06:41 -05:00
Henry Chang
56a01f0f6b Bug 1211590 - Inherits OriginAttributes from loading principal for GetChannelURIPrincipal. r=sicking 2016-01-13 05:30:00 +01:00