corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
202,656 Commits 1 Branch 0 Tags
e272a33dff4cb15dfb51ef6dc74252d1da9ac2b9
Commit Graph

134 Commits

Author SHA1 Message Date
Ehsan Akhgari
478ad1a412 Bug 690892 - Replace PR_TRUE/PR_FALSE with true/false on mozilla-central; rs=dbaron 
Landing on a CLOSED TREE
 2011-10-17 10:59:28 -04:00
Michael Wu
0fe7772ece Bug 675553 - Switch from PRBool to bool on a CLOSED TREE , r=bsmedberg,khuey,bz,cjones 2011-09-28 23:19:26 -07:00
Matheus Kerschbaum
b785679c11 Bug 662000 part 2: Remove XPC_IDISPATCH_SUPPORT from the build-system and XPConnect. r=mrbkap 2011-06-22 11:56:47 -04:00
Masayuki Nakano
521d4b0187 Bug 660770 caps should use mozilla::Preferences r=roc+jst 2011-06-20 12:00:16 +09:00
Luke Wagner
32541f500f Bug 549143 - fatvals 2010-07-14 23:19:36 -07:00
Dan Witte
469099104b Bug 564048 - Nix security checks in nsPrefBranch. r=sicking, sr=jst 2010-06-08 16:43:54 -07:00
Peter Van der Beken
753380fb93 Fix for bug 560199 (Link XPConnect and caps into layout). r=jst. 2010-04-11 15:55:24 +02:00
Sid Stamm
8050d19006 bug 515443 CSP no-eval support. r=mrbkap,brendan 2010-03-08 00:24:50 -08:00
Jonas Sicking
0304916ce4 Bug 543696: Remove unused nsIScriptSecurityManager::CheckConnect. r/sr=mrbkap 2010-02-02 02:29:15 -08:00
Blake Kaplan
f3b6671930 Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz 2009-08-21 18:20:20 -07:00
Blake Kaplan
549b44761d Bug 502959 - Restore code to make caps allow wrapping same-origin wrappedjs objects. r=jst sr=bzbarsky 2009-08-06 20:26:33 -07:00
Blake Kaplan
2b10344961 Bug 493074 - Compute fewer things to try to clear up a performance regression. r+sr=jst 2009-05-14 15:17:56 -07:00
Blake Kaplan
6bb6ca58e1 Bug 483672 - Give regular JS objects that have been reflected into C++ a security policy that follows the same-origin model. Also teach caps about "same origin" for these cases. r=jst sr=bzbarsky 2009-05-13 15:01:01 -07:00
Mook
e8d57925e8 Bug 472032 - [win64] sizeof(long) != sizeof(void*) assertion in nsScriptSecurityManager.cpp; changed SecurityLevel to use PRWord, clarified assertion on the protected code; r+sr=dveditz 2009-02-26 18:31:17 +01:00
Dan Mosedale
66872c955e Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky 2009-02-17 20:32:57 -08:00
Igor Bukanov
78a7c1b4b0 Bug 459656 - Implementing nsIThreadJSContextStack in nsXPConnect. r+sr=mrbkap 2008-10-14 16:16:25 +02:00
Arpad Borsos
1b55360c07 Bug 456388 - Remove PR_STATIC_CALLBACK and PR_CALLBACK(_DECL) from the tree; r+sr=brendan 2008-10-10 17:04:34 +02:00
Ben Newman
54a132e5b4 Bug 454850. Make sure that whenever nsPrincipal::Equals would return true for a pair of principals their nsPrincipal::GetHashValue returns are also equal. r+sr=bzbarsky 2008-10-08 09:16:27 -04:00
Arpad Borsos
5c3d798db7 Bug 398946 - Remove JS_STATIC_DLL_CALLBACK and JS_DLL_CALLBACK from the tree; r=(benjamin + bent.mozilla) 2008-09-07 00:21:43 +02:00
43974bedd7 Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it 2008-04-18 10:35:55 -07:00
f6edaf0e34 Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz 2008-04-08 17:38:12 -07:00
95d8ac4def Landing followup fix for bug 402983 and re-enabling the new stricter file URI security policies. r+sr=bzbarsky@mit.edu 2008-03-22 09:50:47 -07:00
c30c1f1176 Landing fix for bug 402983. Make security checks on file:// URIs symmetric. Patch by dveditz@cruzio.com, r=jonas@sicking.cc,bzbarsky@mit.edu. jst@mozilla.org 2008-03-20 21:39:08 -07:00
d8f62e65bf Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst 2008-03-18 14:14:49 -07:00
51622f4f19 Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv 2008-02-26 19:45:29 -08:00
0e09da2e16 backing out fix for bug 416534 as potential cause of mochitest failure 2008-02-26 19:23:36 -08:00
5a418fd29c Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv 2008-02-26 18:17:49 -08:00
2137617bee Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org 2008-01-29 12:51:01 -08:00
fd502496c5 Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
eecfc98144 Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org 2007-12-12 15:02:25 -08:00
27506864a9 bugs 230606 and 209234: add options to restrict file: URI same-origin policies, r+sr=jst, blocking+=pavlov 2007-09-06 00:02:57 -07:00
98de634631 Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros. 2007-07-08 00:08:04 -07:00
7be1c54ee4 Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg 2007-03-27 08:34:59 -07:00
0f08b75950 Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg 2007-03-27 08:33:38 -07:00
bzbarsky@mit.edu
ce1dcb41ac Remove securityCompareURIs() from nsIScriptSecurityManager. Bug 327243, r+sr=jst 2006-11-14 22:46:45 +00:00
bzbarsky@mit.edu
bd12b1b015 Make it possible for protocol handlers to configure how CheckLoadURI should 
treat them via their protocol flags.  Remove the protocol list we used before.
Bug 120373, r=dveditz, sr=darin
 2006-11-10 23:49:08 +00:00
bzbarsky@mit.edu
5a2d1d8d62 Disable optimization that relies on invariants we don't maintain. Bug 317240 
wallpaper, r+sr=jst
 2006-05-04 15:23:43 +00:00
bzbarsky@mit.edu
7856969463 Followup fix for bug 307867 -- make sure to update our pointers to hashtable 
entries when the entries move. r=dveditz, sr=brendan
 2006-02-24 04:38:46 +00:00
bzbarsky@mit.edu
862b87ebdd Remove dead code. Bug 327171, r=mrbkap, sr=shaver 2006-02-14 21:08:15 +00:00
bzbarsky@mit.edu
e41f8baacf Get principals for XPConnect wrapped natives off their scope instead of walking 
their parent chain.  Add some asserts to check that this actually does give the
same result, which it should with splitwindow.  Bug 289655, r=dbradley, sr=jst
 2005-11-16 02:12:21 +00:00
cbiesinger@web.de
3b08033c0d Bug 248052 Add a contract ID for a global channeleventsink. Make the 
scriptsecuritymanager register for that and implement nsIChannelEventSink. Veto
redirects if CheckLoadURI fails. Remove the explicit usage of
nsIScriptSecurityManager from nsHttpChannel.cpp.

This eliminates js and xpconnect from REQUIRES, and brings us closer to remove
caps.

r=darin sr=bz
 2005-11-08 20:47:16 +00:00
bzbarsky@mit.edu
7d8ee006a9 Don't call nsIClassInfo::GetClassDescription unless we really have to. Bug 
313157, r=dveditz, sr=jst
 2005-10-20 23:49:59 +00:00
bzbarsky@mit.edu
d5e643aec5 Comment-only fixes I forgot to make. Bug 240661. 2005-07-22 20:49:12 +00:00
bzbarsky@mit.edu
e8bb5f9e92 Expose the subject name for the cert and an nsISupports pointer to the cert on 
nsIPrincipal that represents a certificate principal.  Change preference
storage to ensure matches in not only the fingerprint but also the subjectName
before applying privileges from preferences to a certificate principal.  Remove
possibility for creating certificate principals without a useful identifying
name and make sure that names don't get munged by being forced to ASCII.  Bug
240661, r=caillon, sr=dveditz, a=bsmedberg
 2005-07-22 19:05:42 +00:00
timeless@mozdev.org
712986fe88 Bug 300853 Caps crash on cleanup [@ DomainPolicy::Drop] 
patch by g.maone@informaction.com r=caillon sr=dveditz a=bsmedberg
 2005-07-19 21:55:36 +00:00
timeless@mozdev.org
c2b5639ec1 Bug 217967 FF104 crash [@ PL_DHashTableOperate ] changing caps access control prefs 
More consistent DomainPolicy lifecycle management avoids use of corrupted hashtable data
patch by g.maone@informaction.com r=dveditz sr=shaver a=bsmedberg
 2005-06-29 16:29:49 +00:00
timeless@mozdev.org
51befe1992 Bug 292588 shutdown crash !sXPConnect [@ nsScriptSecurityManager::CheckObjectAccess] 
store the runtime, unset the callback at shutdown
r=dveditz sr=jst a=asa
 2005-06-07 21:57:56 +00:00
brendan@mozilla.org
e7378c1180 Find active native function principals when walking the JS stack, and beef up eval-ish native safeguards (281988, r=shaver/caillon, sr=jst, a=drivers). 2005-05-04 06:28:36 +00:00
bzbarsky@mit.edu
8dcfa0c518 Do less addrefing of principals in the script security manager. Bug 289643, 
r=caillon, sr=brendan, a=asa
 2005-04-10 23:27:07 +00:00
brendan@mozilla.org
e6a80a7ea8 Revert kludge, want a general fix. 2005-04-07 19:48:57 +00:00