Граф коммитов

531 Коммитов

Автор SHA1 Сообщение Дата
caillon%returnzero.com 25a56a0d4b Init mSecurityPolicy. This somehow got lost in between the last two revisions of my patch to bug 83536.
r=timeless,sr=bzbarsky on IRC.
2003-07-27 07:00:25 +00:00
caillon%returnzero.com 007e7d68ad 213796 - Crash In CAPS.DLL On Startup [@ nsPrincipal::GetHashValue]
r+sr+caillonIsStupid=bzbarsky@mit.edu
2003-07-27 04:08:48 +00:00
caillon%returnzero.com 728cd6526c Bug 213847. Prompt the user for what to do if we don't know whether we can grant a capability.
r+sr=bzbarsky@mit.edu
2003-07-25 19:23:17 +00:00
mkaply%us.ibm.com b7fd1c6840 Ports bustage - remove NS_COM per bsmedberg 2003-07-24 18:58:30 +00:00
caillon%returnzero.com 91b7c60bee Bug 83536.
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
2003-07-24 05:15:20 +00:00
seawood%netscape.com beb45866ed Removing extra ^M. Fixing Irix cc bustage 2003-06-28 05:15:41 +00:00
jst%netscape.com 524a20845d Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com 2003-06-27 03:10:49 +00:00
timeless%mozdev.org 66730e2ca7 Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess).
bustage (const char*)
sr=jst
2003-06-26 03:27:01 +00:00
mstoltz%netscape.com ddc015e3b7 Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 2003-06-26 00:18:43 +00:00
jst%netscape.com abefba9053 Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com 2003-06-24 21:43:01 +00:00
caillon%returnzero.com b2badfa9f7 Bug 163645 - User defined properties of window.navigator are not remembered when a new page is loaded.
Enable this for websites within the same domain only.
Also, fixes CheckSameOriginPrincipal to just check the principals, and not care whether we have anything on the JS stack.
r=mstoltz, sr=jst
2003-06-18 23:48:57 +00:00
harishd%netscape.com 85570db892 Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com 2003-06-12 20:18:34 +00:00
seawood%netscape.com 97649bab86 Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev 2003-06-10 21:18:27 +00:00
seawood%netscape.com b28ce0a530 Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev 2003-06-10 20:12:33 +00:00
dougt%meer.net a069087dd4 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 2003-05-29 21:56:38 +00:00
dougt%meer.net e3a6a4edfc Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 2003-05-29 21:51:34 +00:00
timeless%mozdev.org fc043d1270 Bug 207328 @mozilla.org/scriptsecuritymanager;1 isn't registering itself correctly as an app-startup observer service
r=mstoltz sr=alecf
2003-05-29 04:27:03 +00:00
mstoltz%netscape.com 11919bb299 Bug 163950 - allow opening connections for XML data transfer services when document.domain has been set. r=jst, sr=heikki. 2003-05-28 23:22:36 +00:00
dwitte%stanford.edu 270d3909ca bug 100649: Length() being used where IsEmpty() is meant
treewide changes to convert incorrect usages of string.Length() to string.IsEmpty().

thanks to afatecha@idea.com.py (Ariel Fatecha) for the patch. r=dwitte, sr=jst.

got the ok from Asa to land into a closed tree.
2003-05-23 21:34:47 +00:00
dbradley%netscape.com 5761ad14e3 bug 205538 - Use hyphens instead of underscores in caps prefs for CID's. r=adamlock, sr=alecf, a=asa 2003-05-20 14:19:05 +00:00
jst%netscape.com 72ec343461 Fixing bug 202994. Make sure the proper security check is done when converting the result of a JS expression in a javascript: URL to a string. r=mstoltz@netscape.com, sr=brendan@mozilla.org, a=asa@mozilla.org 2003-05-12 22:23:52 +00:00
brendan%mozilla.org 710c694ac3 Fix overbroad getter/setter access check to apply only to scripted getters/setters; fix wrong object class name in error messages (198660, r=mstoltz, sr=jst, a=asa). 2003-05-09 00:40:50 +00:00
dbradley%netscape.com fd606d2dcd Another dummy change to cause beast to rebuild caps 2003-04-30 09:19:50 +00:00
mkaply%us.ibm.com 4c6419aa49 IRIX bustage 2003-04-23 04:28:41 +00:00
mstoltz%netscape.com 4edb1f430d Bug 180749 - when remembering granted privileges for file://pages, grant privilege for that page only, not the whole local file system. r=jst, sr=heikki. 2003-04-23 00:21:02 +00:00
jst%netscape.com 690a8cef27 Fixing bug 201132. Always use the JSPrincipals from the target object when compiling event handlers, never use the principals of the global object in which the event handler is compiled. Also make sure we never use the principals that are precompiled into cloned Functions, always get the principal from the Function's scope in such cases. r=mstoltz@netscape.com (and heikki@netscape.com), sr=brendan@mozilla.org 2003-04-17 20:21:00 +00:00
bzbarsky%mit.edu cbf70f5c05 Removing stray windows newline that causes build warning... No reviews, sorry. 2003-04-08 20:26:41 +00:00
locka%iol.ie 461f6c3964 Define XPC_IDISPATCH_SUPPORT when building caps if necessary. b=198117 r=dbradley@netscape.com sr=alec@netscape.com 2003-03-20 12:10:04 +00:00
rginda%netscape.com 2b3526ff2e bug 170585, Scriptable streams are broken; r=darinf, sr=dougt
update to readdata caller
2003-03-13 21:24:37 +00:00
mstoltz%netscape.com 44d264d6b0 Bug 188229 - adding new security check function that allows component instantiation by CID. r=dveditz, sr=heikki. *not part of build yet* 2003-03-12 02:17:37 +00:00
timeless%mozdev.org b092996d3f Bug 196340 Change NS_REINTERPRET_CAST(nsIScriptContext*, JS_GetContextPrivate(cx)) to use Static Cast
r=mstoltz sr=heikki
2003-03-07 21:54:28 +00:00
brendan%mozilla.org 3c0c23b860 Generalize the JS_SetCheckObjectAccessCallback hook implemented here to deal with user-defined getters and setters (92773, r=mstoltz, sr=jst). 2003-03-06 19:40:14 +00:00
rginda%netscape.com c1745c244e bug 191773, r=mstoltz, a=dbaron@dbaron.org
only allow x-jsd: urls from chrome: and resource:
2003-02-05 01:27:56 +00:00
seawood%netscape.com 5c6983cb86 Whitespace change to trigger rebuild of libs that depend upon zlib. 2003-01-30 05:53:29 +00:00
bryner%netscape.com da1893e985 fixing IRIX bustage (^M's from mstoltz's checkin) 2003-01-25 03:58:38 +00:00
mstoltz%netscape.com 366a456693 Bug 189799 - Ignore username:password portion of URL when making URL comparisons for security. r=heikki, sr=jst, a=asa 2003-01-25 01:43:37 +00:00
sfraser%netscape.com ba78e7bec4 Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. Fixes bustage. 2003-01-17 02:00:01 +00:00
sfraser%netscape.com 1c574be034 Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. 2003-01-17 01:00:15 +00:00
dbaron%dbaron.org 48544669f3 Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it's no longer needed. r=timeless sr=jag 2003-01-08 19:24:38 +00:00
caillon%returnzero.com 6d92f9bd32 184257 - Updating pref callers. r=timeless sr=bzbarsky 2003-01-08 08:40:41 +00:00
seawood%netscape.com d5efcdfb6d Start installing GRE libraries & components into a separate dist/gre directory as part of the default build.
Bug #186241 r=dougt
2002-12-28 01:15:07 +00:00
alecf%netscape.com df10f648b8 take two at fixing bug 177401 - convert nsIBinaryStream over to using nsAString/nsACString for string values, to speed up fastload
sr=darin, r=dougt
(the previous checkin had a typo which disabled fastload entirely!)
2002-11-14 18:16:31 +00:00
alecf%netscape.com 0a48c10053 argh, back out my last checkin because Ts went UP not down! 2002-11-09 01:31:32 +00:00
alecf%netscape.com 4721428275 fix for bug 177401 - use nsAString& classes instead of wstring in nsIBinaryInputStream, to speed up fastload startup
sr=darin, r=dougt
2002-11-08 23:30:53 +00:00
mstoltz%netscape.com d0f045a722 Bug 168316 - When calling from Java into JS, add a "dummy" JS stack frame with
principal information for the security manager. r=dveditz, sr=jst, a=chofmann.
2002-10-30 03:15:59 +00:00
sspitzer%netscape.com b7337fe62b fix for #168136. r=mstoltz, sr=dveditz.
for pref controlled schemes, allow access if source scheme is chrome or res.
needed for the new "view filter log UI".
2002-09-12 20:27:07 +00:00
dougt%netscape.com 68faeb5241 166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com 2002-09-07 17:13:19 +00:00
jkeiser%netscape.com 32844f7719 Make anonymous content inaccessible to web content (bug 164086), r=sicking@bigfoot.com, sr=jst@netscape.com 2002-08-29 04:05:39 +00:00
bbaetz%student.usyd.edu.au e1742b6500 Backing out jkeiser's checkin for bug 164086 (not bug 96537) because he
left a file out, and the tree turned red....
2002-08-28 10:13:28 +00:00
jkeiser%netscape.com 8aa6968431 Make anonymous content inaccessible to web content (bug 96537), r=sicking@bigfoot.com, sr=jst@netscape.com 2002-08-28 08:19:43 +00:00
henry.jia%sun.com 227be5af9c Fix bug 159889: replace the hardcode of "@mozilla.org/preferences;1" with NS_PREF_CONTRACTID
Patch by leon.zhang@sun.com
r=Henry, sr=alecf
2002-08-19 04:29:58 +00:00
seawood%netscape.com 322da773fb Removing old nmake build makefiles. Bug #158528 r=pavlov 2002-08-10 07:55:43 +00:00
henry.jia%sun.com bb349938fc 5th patch for bug 158080
Description: replace the hardcode of @mozilla.org/embedcomp/window-watcher;1 with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 06:32:02 +00:00
sicking%bigfoot.com 39c966dd38 Use principals instead of URIs for same-origin checks.
b=159348, r=bz, sr=jst, a=asa
2002-07-30 21:26:32 +00:00
mstoltz%netscape.com d0eab90dbb Bug 154930 - If one page has explicitly set document.domain and another has not,
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
2002-07-09 00:10:02 +00:00
harishd%netscape.com 23d9c4988e Disable script on the requested docshell and the containing docshells. b=154647, r=mstoltz, sr=jst 2002-07-02 23:26:08 +00:00
mstoltz%netscape.com 6e12a5ca9f Bug 152725 - Get URL passed to cookie module from document principal, not document URL.
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
2002-07-02 17:58:24 +00:00
harishd%netscape.com 0031d01a28 Backing out my checkin to see if it fixes the Txul breakage 2002-06-27 23:32:51 +00:00
harishd%netscape.com 5ce8f55dd0 ** checking in for mstoltz **
Disable scripts on the requested docshell and containing docshells. Also, made setCurrentURI() scriptable ( approved by Adam Lock ). b=154647, r=harishd, sr=jst
2002-06-27 20:58:42 +00:00
mstoltz%netscape.com 6f5d99be4c 133170 - Need to re-check host for security on a redirect after a call to
XMLHttpRequest.open(). For xmlextras, r=heikki, sr=jband. For caps,
r=bzbarsky, sr=jst
147754 - Add same-origin check to XMLSerializer. Patch by jst. r=mstoltz,
sr=jband
113351 - Add same-origin check to XSL Include. Patch by peterv and jst,
r=mstoltz, sr=rpotts
135267 - Add same-origin check to stylesheets included via LINK tags.
r=dveditz, sr=scc
2002-06-14 23:54:18 +00:00
dougt%netscape.com c683a217ab Fixes mozilla/strings requiring unfrozen nsCRT class. patch by scc, r=dougt, sr=jag, b=136756 2002-05-15 18:55:21 +00:00
darin%netscape.com 6fd5862e6e fixes bug 142870 "nsIFile should use UCS-2 instead of UTF-8"
r=dougt sr=alecf
2002-05-07 23:07:19 +00:00
ben%netscape.com 7d003ba281 [Chrome FastLoad]
Ensure that principals are written as Compound Objects using |WriteCompoundObject|, not using |WriteObject|
r=mstoltz, sr=brendan
2002-05-03 03:00:46 +00:00
darin%netscape.com e554d83626 fixes bug 129279 "nsIFile unicode/utf8/ascii task"
r=dougt sr=alecf
2002-04-27 05:33:09 +00:00
mstoltz%netscape.com 8b4ac18c14 Bug 136993 - Put the "trusted codebase principals" feature back in.
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
darin%netscape.com e73746ce67 fixes bug 134546 "Memory leak in nsScriptSecurityManager::GetBaseURIScheme()"
patch=pj@ludd.luth.se, r=mstoltz, sr=darin, a=rjesup@wgate.com
2002-04-03 20:23:57 +00:00
mstoltz%netscape.com 03fe97372a A bunch of fixes in caps:
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)

All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
timeless%mac.com dec943eb10 Bug 106386 rid source of misspellings
r=db48x sr=blake a=asa
2002-03-19 04:30:17 +00:00
alecf%netscape.com e5d4028f9d fix bug 129635 - write a destructor for DomainPolicy so that the hashtable is destroyed
(and not leaked!)
r=mstoltz, sr=vidur, a=asa
2002-03-10 00:41:08 +00:00
rginda%netscape.com 35fde24f6c Bug 129503, "IsCapabilityEnabled should return PR_TRUE if no script on stack"
sr=brendan, r=mstoltz, a=asa
If the js stack has no principals on it, return PR_TRUE from IsCapabilityEnabled
.  Currently, the only time we'd have a stack devoid of principals is when all f
unctions are native.  If this assumption changes, this may need to be revisited
(depending on what it would mean to be a compiled script without a principal.)
2002-03-08 02:20:55 +00:00
darin%netscape.com f1a6738b6c fixes bug 124042 "support internationalized URIs" r=dougt, sr=alecf, a=asa 2002-03-06 07:48:55 +00:00
jband%netscape.com 3ac1b33f9c remove stale DEBUG_jband block. rs=jband a=dbaron 2002-03-05 08:02:05 +00:00
mstoltz%netscape.com 18c8067fae Bug 127938 - chrome scripts should be exempt from the security check put in for
bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
2002-02-28 00:22:59 +00:00
mstoltz%netscape.com 75f6bd3583 partially backing out my last change - weird dependency problem 2002-02-26 05:28:26 +00:00
mstoltz%netscape.com 82659b14ca 32571, present confirmation dialog before allowing scripts to close windows.
105050, pass null window.opener when opener is a mail window.
both r=heikki, sr=jst, a=asa.
Backed out previously because of tinderbox problem, which should be fixed now.
2002-02-26 04:50:21 +00:00
jst%netscape.com beae4f7953 Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com 2002-02-20 05:51:05 +00:00
cathleen%netscape.com 124339899e eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan 2002-02-19 07:36:56 +00:00
mcafee%netscape.com 1a3a52cce7 Backing out mstoltz. r=dbaron,jrgm 2002-02-19 04:06:53 +00:00
mstoltz%netscape.com cc94447571 Bug 105050 - return null window.opener to scripts if opener is a mail window.
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.
2002-02-19 01:09:45 +00:00
mkaply%us.ibm.com cbcd4c677a OS/2 bustage - callback needs to be in header 2002-02-13 13:30:06 +00:00
mstoltz%netscape.com 4756b7169c Bug 119646 - Rewrite of the security manager policy database for improved
performance. r=jst, sr=jband.
2002-02-13 04:20:46 +00:00
alecf%netscape.com 5483b6f627 one more part of fix for bug 107575, including the much coveted whitespace
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
sfraser%netscape.com d133d4956f Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson 2002-01-30 21:14:20 +00:00
seawood%netscape.com 45bfbf0658 Landing the rest of the win32 gmake changes:
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup

Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
jaggernaut%netscape.com 97b0530073 Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf 2001-12-16 11:58:03 +00:00
mstoltz%netscape.com cb9ae92896 Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst. 2001-12-12 04:43:35 +00:00
ccarlen%netscape.com 993cd4c06f Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser 2001-12-11 04:54:47 +00:00
ccarlen%netscape.com 6d8ea78b52 Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser. 2001-12-10 20:25:12 +00:00
mstoltz%netscape.com 3c9f658ac2 Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
jband%netscape.com ee23501c42 trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband 2001-11-22 23:26:34 +00:00
peterv%netscape.com 99fc30ce49 Fixing mac debug bustage. Patch suggested by jst, sr=jst. 2001-11-16 10:50:33 +00:00
mstoltz%netscape.com 25276e6b94 Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
dbaron%fas.harvard.edu 8cd8d91750 Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052 2001-11-07 06:24:10 +00:00
seawood%netscape.com be10c3b1a8 Backing out fix for remote mach-o builds as it left mach-o builds fragile.
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
seawood%netscape.com 8a2a775382 Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
mstoltz%netscape.com f634fa73d2 bug 106535, adding the ability to enable codebase principals for a single host
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
jaggernaut%netscape.com 45107c0d97 Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc 2001-10-25 06:13:52 +00:00
bnesse%netscape.com 73c9a1111f Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf. 2001-10-22 20:54:48 +00:00
dougt%netscape.com d18d7e2b17 nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163 2001-10-19 20:52:59 +00:00
bzbarsky%mit.edu 8986a0ad12 Make CAPS correctly observe changes to capability.policy prefs. Needed
for having UI for these suckers.  Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00