4c7f9052d3
Add a scriptable hash function API. basically what this does is moves the hashing function out of the nsISignatureVerifier.idl and creates a new interface nsICryptoHash which is scriptable. Because of this change, we needed to fix up all of the call sites. r=darin, sr=dveditz, a=shaver
2005-06-01 16:06:53 +00:00
f636ebe0de
Fix bug 293671. r=caillon sr=dveditz a=asa
2005-05-12 18:26:41 +00:00
8ca0c03467
Cleaner fix for bug 290036. b=290949 r=dveditz sr=darin a=asa
2005-05-12 18:20:07 +00:00
eb7002903b
Fix comment from last night to match today's code.
2005-05-04 18:58:24 +00:00
371b8140d2
Undo gist of last change for now, it breaks too much even though it's safer.
2005-05-04 16:19:31 +00:00
ea9fd4132c
Find active native function principals when walking the JS stack, and beef up eval-ish native safeguards (281988, r=shaver/caillon, sr=jst, a=drivers).
2005-05-04 06:28:36 +00:00
7b45a8e4ba
Fix crashes when privilegeManager methods are called by setting our our param
...
on success return. Bug 289991 and bug 289925, r=caillon, sr=dbaron, a=dbaron
2005-04-12 05:13:26 +00:00
6d36e81b66
Do less addrefing of principals in the script security manager. Bug 289643,
...
r=caillon, sr=brendan, a=asa
2005-04-10 23:27:07 +00:00
bb7b3cd85f
Revert kludge, want a general fix.
2005-04-07 19:48:57 +00:00
b02c276f35
Stop evals and Script object calls/execs that cross trust domains (289074, r=shaver, sr=jst, a=drivers).
2005-04-07 02:22:24 +00:00
4efd7a5f8a
Bug 239967 prototype for nsScriptSecurityManager::GetPrincipalFromContext is wrong
...
r=dveditz sr=dveditz
2005-03-29 03:12:12 +00:00
e171eaba9b
Inline access to XPCWrappedNative's nsISupports pointer, with do_QueryWrappedNative nsCOMPtr helper (bug 285404). r=jst, sr=darin.
2005-03-10 00:39:28 +00:00
06f479dff9
bug 279768: Bring build system to work with --enable-ui-locale; r=bsmedberg; a=doron on webservices move
2005-03-08 17:21:36 +00:00
361daac936
Bug 281414 - global s/nsIPrefBranchInternal/nsIPrefBranch2/ rs=darin (did not change backwards-compatible code in extensions/irc extensions/venkman or extensions/inspector)
2005-02-25 20:46:35 +00:00
3a4edb10d6
Remove special-casing so non-chrome-principal pages, even with chrome: uris,
...
can have script disabled as needed. Bug 280120, r=peterv, sr=neil
2005-02-22 21:18:31 +00:00
92c940aa45
Bug 269661 make libpref not depend on caps
...
r=caillon sr=dveditz
2005-02-06 12:39:31 +00:00
d30a1bda05
bug 280613 : checkLoadURIStr of nsIScriptSecurityManager should accept AUTF8String istead of string (for IDN), r=dveditz, sr=darin
2005-02-02 07:17:53 +00:00
d9f747cca2
Add about:license and about:licence and make about: link to them. Bug 256945,
...
r=gerv, sr=darin
2005-01-23 21:02:36 +00:00
79241940e8
Bug 273876 - libxul step 2 (everything through widget, except spidermonkey) r=darin; again, this should not affect non-xulrunner trees.
2004-12-09 19:28:35 +00:00
ffa869708f
Bug 261339 Setting capability.policy.default.Window.top to noAccess seems to crash mozilla
...
r=caillon sr=dveditz
2004-11-05 16:54:09 +00:00
b405b527b8
Bug 267311 netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect") in a XBL constructor make mozilla crash. [@ JS_FrameIterator]
...
r=dveditz sr=jst
2004-11-05 15:25:04 +00:00
1f629aef08
Make it possible to disable checkloaduri on a per-site basis instead of
...
disabling it globally. Bug 233108, r=caillon, sr=jst
2004-11-03 15:45:52 +00:00
f97343e1ac
Re-enabling the fix for bug 69070 and optimizing some string code in caps that was for sure part of the reason for the Tp regression, and use CheckLoadURIWithPrincipal() to be more correct. r+sr=bzbarsky@mit.edu
2004-10-15 16:53:35 +00:00
08b3a16535
Re-enabling the fix for bug 69070 and optimizing some string code in caps that was for sure part of the reason for the Tp regression, and use CheckLoadURIWithPrincipal() to be more correct. r+sr=bzbarsky@mit.edu
2004-10-15 16:34:58 +00:00
e67c6e5dcf
Improve enablePrivilege confirmation dialog text and presentation, sanity-check
...
privilege names (bug 253942, bug 253944) r=caillon,sr=brendan,a=chofmann,mkaply
2004-09-01 07:53:32 +00:00
765d4043a5
removing myself from DEBUG_CAPS_HACKER list
2004-07-10 19:38:28 +00:00
0f4150a4e5
Bug 226439. Convert codebase to use AppendLiteral/AssignLiteral/LowerCaseEqualsLiteral. r+sr=darin
2004-06-17 00:13:25 +00:00
914def148f
fix DEBUG_CAPS_HACKER bustage due to bug 240106
...
r=caillon sr=darin
2004-06-16 15:58:22 +00:00
e66742e59c
bug 162020 option to delay enabling confirmation buttons r=mkaply,sr=sspitzer
2004-06-05 09:26:01 +00:00
348998da9e
#239580
...
r=danm, sr=dveditz
Extend ConfirmEx to allow setting the default button - change default button for script security to no
2004-05-24 13:33:51 +00:00
0e3ff503fb
Bug 226439. Convert Seamonkey to EqualsLiteral. rs=darin
2004-05-22 22:15:22 +00:00
4ede76717e
Add a version of CheckLoadURI that takes a source principal instead of a source
...
URI. Update a bunch of callers to use it. Bug 233108, r=caillon, sr=dveditz
2004-04-25 16:55:27 +00:00
642f7ede36
deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst.
2004-04-18 00:28:47 +00:00
9d2ee4928c
Bug 236613: change to MPL/LGPL/GPL tri-license.
2004-04-17 21:52:36 +00:00
6ad20397bf
Bug 235504 Remove nsCString::EqualsWithConversion(const char*)
...
r=darin sr=dbaron
2004-04-14 20:09:30 +00:00
2ee27045ba
Backing out the fix for bug 235457 since it made typing URLs, and autocomplete in the the URL bar not work.
2004-03-16 19:06:10 +00:00
e1913b1f1e
Fixing bug 235457. Make new windows opened through window.open be opened on the context of the opener, and make caps not lie about when capabilities are enabled. r=danm-moz@comcast.net, r=caillon@aillon.org, sr=brendan@mozilla.org, a=dbaron@dbaron.org
2004-03-16 06:57:54 +00:00
2081246472
one more tweak, r=caillon
2004-03-06 20:54:47 +00:00
344f084a76
making this sound less like it's PSM, rs=caillon
2004-03-06 20:47:21 +00:00
c380c59f65
landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin
2004-02-28 22:34:07 +00:00
f6875e2d3c
fixes bug 234916 "Remove global/static NS_NAMED_LITERAL_C?STRING usage [was: Firefox crashes on startup on Mac OS X]" r=jst sr=dbaron
2004-02-25 02:08:34 +00:00
505c634885
Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com.
2004-02-09 22:48:53 +00:00
d0f309943a
Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 13:37:00 +00:00
274ef7cd49
Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 01:22:31 +00:00
6394a7f9f8
Bug 227758 make subjectPrincipalIsSystem unscriptable and checkSameOriginURI scriptable r=caillon sr=dveditz
2003-12-19 21:51:37 +00:00
56dbd77c06
Bug 228095 - AIX: 64-bit build error in nsScriptSecurityManager.cpp
...
r=caillon@aillon.org , sr=brendan@mozilla.org , a=brendan@mozilla.org
2003-12-15 18:16:09 +00:00
c8e5f51fe0
227079 - Mozilla asks for security privileges where it shouldn't
...
Make sure we check signed.applets.codebase_principal_support and special urls before going further.
r=jst sr=bzbarsky a=dbaron
2003-12-04 02:14:07 +00:00
7809adca33
Fix missing cx param problem (223041, r=caillon, sr=dbaron).
2003-11-03 04:26:55 +00:00
6139d85dae
Work around bustage. Temporary fix. b=223041
2003-11-02 02:31:53 +00:00
6ea484e8b7
Permit content to link to about:logo
...
Bug 223293; r=timeless sr=jst
2003-10-30 01:35:09 +00:00
66caced69a
Re-land patch for bug 83536, merging principal objects.
...
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
2003-10-21 22:11:49 +00:00
4878fd7a5e
Better version of last change, thanks to caillon for reminding me.
2003-09-28 04:55:50 +00:00
3915f74063
Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz).
2003-09-28 04:44:33 +00:00
4038563cd9
Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky).
2003-09-28 04:22:01 +00:00
a7aa61013a
about:about
...
Bug 56061
r=bryner@brianryner.com
sr=darin@meer.net
2003-09-13 19:35:59 +00:00
06fe994577
Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan.
2003-09-07 21:37:51 +00:00
f8e8aed8a7
Backing out the patch to bug 83536.
...
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
2003-08-22 03:06:53 +00:00
ae4593bec0
Bug 216234
...
Calling operator delete on an nsAutoPtr isn't good.
r+sr=dbaron@dbaron.org
a=asa@mozilla.org
2003-08-20 00:40:13 +00:00
1b51ba858c
Set MODULE in makefiles at the top of a heirarchy so that module-deps lists are more precise and builds will have the proper order if some subdirs contain other modules.
2003-08-16 00:42:35 +00:00
c2d2462e51
Bug 214949
...
Make XUL error pages work again by making GetOrigin() return the full spec for chrome: URIs and preventing principal lookups when the principals hash is empty.
r+sr=jst@netscape.com
a=rjesup@wgate.com
2003-08-10 02:26:11 +00:00
b7cdb7debb
Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron).
2003-08-05 20:09:21 +00:00
4572ef1a55
Adding comments, per bzbarsky. bug 214050.
2003-07-29 19:03:00 +00:00
dac741004a
Don't let success of string bundle calls dictate the return value, continue to return errors. Still bug 214050.
2003-07-29 09:07:43 +00:00
b6f6ad74ba
Bug 214050
...
Start to localize some of the more common user-visible error messages in caps.
r+sr=bzbarsky@mit.edu
2003-07-29 05:28:00 +00:00
25a56a0d4b
Init mSecurityPolicy. This somehow got lost in between the last two revisions of my patch to bug 83536.
...
r=timeless,sr=bzbarsky on IRC.
2003-07-27 07:00:25 +00:00
007e7d68ad
213796 - Crash In CAPS.DLL On Startup [@ nsPrincipal::GetHashValue]
...
r+sr+caillonIsStupid=bzbarsky@mit.edu
2003-07-27 04:08:48 +00:00
728cd6526c
Bug 213847. Prompt the user for what to do if we don't know whether we can grant a capability.
...
r+sr=bzbarsky@mit.edu
2003-07-25 19:23:17 +00:00
b7fd1c6840
Ports bustage - remove NS_COM per bsmedberg
2003-07-24 18:58:30 +00:00
91b7c60bee
Bug 83536.
...
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
2003-07-24 05:15:20 +00:00
beb45866ed
Removing extra ^M. Fixing Irix cc bustage
2003-06-28 05:15:41 +00:00
524a20845d
Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com
2003-06-27 03:10:49 +00:00
66730e2ca7
Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess).
...
bustage (const char*)
sr=jst
2003-06-26 03:27:01 +00:00
ddc015e3b7
Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst.
2003-06-26 00:18:43 +00:00
abefba9053
Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com
2003-06-24 21:43:01 +00:00
b2badfa9f7
Bug 163645 - User defined properties of window.navigator are not remembered when a new page is loaded.
...
Enable this for websites within the same domain only.
Also, fixes CheckSameOriginPrincipal to just check the principals, and not care whether we have anything on the JS stack.
r=mstoltz, sr=jst
2003-06-18 23:48:57 +00:00
85570db892
Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com
2003-06-12 20:18:34 +00:00
97649bab86
Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev
2003-06-10 21:18:27 +00:00
b28ce0a530
Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev
2003-06-10 20:12:33 +00:00
a069087dd4
Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201
2003-05-29 21:56:38 +00:00
e3a6a4edfc
Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201
2003-05-29 21:51:34 +00:00
fc043d1270
Bug 207328 @mozilla.org/scriptsecuritymanager;1 isn't registering itself correctly as an app-startup observer service
...
r=mstoltz sr=alecf
2003-05-29 04:27:03 +00:00
11919bb299
Bug 163950 - allow opening connections for XML data transfer services when document.domain has been set. r=jst, sr=heikki.
2003-05-28 23:22:36 +00:00
270d3909ca
bug 100649: Length() being used where IsEmpty() is meant
...
treewide changes to convert incorrect usages of string.Length() to string.IsEmpty().
thanks to afatecha@idea.com.py (Ariel Fatecha) for the patch. r=dwitte, sr=jst.
got the ok from Asa to land into a closed tree.
2003-05-23 21:34:47 +00:00
5761ad14e3
bug 205538 - Use hyphens instead of underscores in caps prefs for CID's. r=adamlock, sr=alecf, a=asa
2003-05-20 14:19:05 +00:00
72ec343461
Fixing bug 202994. Make sure the proper security check is done when converting the result of a JS expression in a javascript: URL to a string. r=mstoltz@netscape.com, sr=brendan@mozilla.org, a=asa@mozilla.org
2003-05-12 22:23:52 +00:00
710c694ac3
Fix overbroad getter/setter access check to apply only to scripted getters/setters; fix wrong object class name in error messages (198660, r=mstoltz, sr=jst, a=asa).
2003-05-09 00:40:50 +00:00
fd606d2dcd
Another dummy change to cause beast to rebuild caps
2003-04-30 09:19:50 +00:00
4c6419aa49
IRIX bustage
2003-04-23 04:28:41 +00:00
4edb1f430d
Bug 180749 - when remembering granted privileges for file://pages, grant privilege for that page only, not the whole local file system. r=jst, sr=heikki.
2003-04-23 00:21:02 +00:00
690a8cef27
Fixing bug 201132. Always use the JSPrincipals from the target object when compiling event handlers, never use the principals of the global object in which the event handler is compiled. Also make sure we never use the principals that are precompiled into cloned Functions, always get the principal from the Function's scope in such cases. r=mstoltz@netscape.com (and heikki@netscape.com), sr=brendan@mozilla.org
2003-04-17 20:21:00 +00:00
cbf70f5c05
Removing stray windows newline that causes build warning... No reviews, sorry.
2003-04-08 20:26:41 +00:00
461f6c3964
Define XPC_IDISPATCH_SUPPORT when building caps if necessary. b=198117 r=dbradley@netscape.com sr=alec@netscape.com
2003-03-20 12:10:04 +00:00
2b3526ff2e
bug 170585, Scriptable streams are broken; r=darinf, sr=dougt
...
update to readdata caller
2003-03-13 21:24:37 +00:00
44d264d6b0
Bug 188229 - adding new security check function that allows component instantiation by CID. r=dveditz, sr=heikki. *not part of build yet*
2003-03-12 02:17:37 +00:00
b092996d3f
Bug 196340 Change NS_REINTERPRET_CAST(nsIScriptContext*, JS_GetContextPrivate(cx)) to use Static Cast
...
r=mstoltz sr=heikki
2003-03-07 21:54:28 +00:00
3c0c23b860
Generalize the JS_SetCheckObjectAccessCallback hook implemented here to deal with user-defined getters and setters (92773, r=mstoltz, sr=jst).
2003-03-06 19:40:14 +00:00
c1745c244e
bug 191773, r=mstoltz, a=dbaron@dbaron.org
...
only allow x-jsd: urls from chrome: and resource:
2003-02-05 01:27:56 +00:00
5c6983cb86
Whitespace change to trigger rebuild of libs that depend upon zlib.
2003-01-30 05:53:29 +00:00
da1893e985
fixing IRIX bustage (^M's from mstoltz's checkin)
2003-01-25 03:58:38 +00:00
366a456693
Bug 189799 - Ignore username:password portion of URL when making URL comparisons for security. r=heikki, sr=jst, a=asa
2003-01-25 01:43:37 +00:00
ba78e7bec4
Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. Fixes bustage.
2003-01-17 02:00:01 +00:00
1c574be034
Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst.
2003-01-17 01:00:15 +00:00
48544669f3
Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it's no longer needed. r=timeless sr=jag
2003-01-08 19:24:38 +00:00
6d92f9bd32
184257 - Updating pref callers. r=timeless sr=bzbarsky
2003-01-08 08:40:41 +00:00
d5efcdfb6d
Start installing GRE libraries & components into a separate dist/gre directory as part of the default build.
...
Bug #186241 r=dougt
2002-12-28 01:15:07 +00:00
df10f648b8
take two at fixing bug 177401 - convert nsIBinaryStream over to using nsAString/nsACString for string values, to speed up fastload
...
sr=darin, r=dougt
(the previous checkin had a typo which disabled fastload entirely!)
2002-11-14 18:16:31 +00:00
0a48c10053
argh, back out my last checkin because Ts went UP not down!
2002-11-09 01:31:32 +00:00
4721428275
fix for bug 177401 - use nsAString& classes instead of wstring in nsIBinaryInputStream, to speed up fastload startup
...
sr=darin, r=dougt
2002-11-08 23:30:53 +00:00
d0f045a722
Bug 168316 - When calling from Java into JS, add a "dummy" JS stack frame with
...
principal information for the security manager. r=dveditz, sr=jst, a=chofmann.
2002-10-30 03:15:59 +00:00
b7337fe62b
fix for #168136 . r=mstoltz, sr=dveditz.
...
for pref controlled schemes, allow access if source scheme is chrome or res.
needed for the new "view filter log UI".
2002-09-12 20:27:07 +00:00
68faeb5241
166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com
2002-09-07 17:13:19 +00:00
32844f7719
Make anonymous content inaccessible to web content (bug 164086), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-29 04:05:39 +00:00
e1742b6500
Backing out jkeiser's checkin for bug 164086 (not bug 96537) because he
...
left a file out, and the tree turned red....
2002-08-28 10:13:28 +00:00
8aa6968431
Make anonymous content inaccessible to web content (bug 96537), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-28 08:19:43 +00:00
227be5af9c
Fix bug 159889: replace the hardcode of "@mozilla.org/preferences;1" with NS_PREF_CONTRACTID
...
Patch by leon.zhang@sun.com
r=Henry, sr=alecf
2002-08-19 04:29:58 +00:00
322da773fb
Removing old nmake build makefiles. Bug #158528 r=pavlov
2002-08-10 07:55:43 +00:00
bb349938fc
5th patch for bug 158080
...
Description: replace the hardcode of @mozilla.org/embedcomp/window-watcher;1 with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 06:32:02 +00:00
39c966dd38
Use principals instead of URIs for same-origin checks.
...
b=159348, r=bz, sr=jst, a=asa
2002-07-30 21:26:32 +00:00
d0eab90dbb
Bug 154930 - If one page has explicitly set document.domain and another has not,
...
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
2002-07-09 00:10:02 +00:00
23d9c4988e
Disable script on the requested docshell and the containing docshells. b=154647, r=mstoltz, sr=jst
2002-07-02 23:26:08 +00:00
6e12a5ca9f
Bug 152725 - Get URL passed to cookie module from document principal, not document URL.
...
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
2002-07-02 17:58:24 +00:00
0031d01a28
Backing out my checkin to see if it fixes the Txul breakage
2002-06-27 23:32:51 +00:00
5ce8f55dd0
** checking in for mstoltz **
...
Disable scripts on the requested docshell and containing docshells. Also, made setCurrentURI() scriptable ( approved by Adam Lock ). b=154647, r=harishd, sr=jst
2002-06-27 20:58:42 +00:00
6f5d99be4c
133170 - Need to re-check host for security on a redirect after a call to
...
XMLHttpRequest.open(). For xmlextras, r=heikki, sr=jband. For caps,
r=bzbarsky, sr=jst
147754 - Add same-origin check to XMLSerializer. Patch by jst. r=mstoltz,
sr=jband
113351 - Add same-origin check to XSL Include. Patch by peterv and jst,
r=mstoltz, sr=rpotts
135267 - Add same-origin check to stylesheets included via LINK tags.
r=dveditz, sr=scc
2002-06-14 23:54:18 +00:00
c683a217ab
Fixes mozilla/strings requiring unfrozen nsCRT class. patch by scc, r=dougt, sr=jag, b=136756
2002-05-15 18:55:21 +00:00
6fd5862e6e
fixes bug 142870 "nsIFile should use UCS-2 instead of UTF-8"
...
r=dougt sr=alecf
2002-05-07 23:07:19 +00:00
7d003ba281
[Chrome FastLoad]
...
Ensure that principals are written as Compound Objects using |WriteCompoundObject|, not using |WriteObject|
r=mstoltz, sr=brendan
2002-05-03 03:00:46 +00:00
e554d83626
fixes bug 129279 "nsIFile unicode/utf8/ascii task"
...
r=dougt sr=alecf
2002-04-27 05:33:09 +00:00
8b4ac18c14
Bug 136993 - Put the "trusted codebase principals" feature back in.
...
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
e73746ce67
fixes bug 134546 "Memory leak in nsScriptSecurityManager::GetBaseURIScheme()"
...
patch=pj@ludd.luth.se , r=mstoltz, sr=darin, a=rjesup@wgate.com
2002-04-03 20:23:57 +00:00
03fe97372a
A bunch of fixes in caps:
...
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)
All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
dec943eb10
Bug 106386 rid source of misspellings
...
r=db48x sr=blake a=asa
2002-03-19 04:30:17 +00:00
e5d4028f9d
fix bug 129635 - write a destructor for DomainPolicy so that the hashtable is destroyed
...
(and not leaked!)
r=mstoltz, sr=vidur, a=asa
2002-03-10 00:41:08 +00:00
35fde24f6c
Bug 129503, "IsCapabilityEnabled should return PR_TRUE if no script on stack"
...
sr=brendan, r=mstoltz, a=asa
If the js stack has no principals on it, return PR_TRUE from IsCapabilityEnabled
. Currently, the only time we'd have a stack devoid of principals is when all f
unctions are native. If this assumption changes, this may need to be revisited
(depending on what it would mean to be a compiled script without a principal.)
2002-03-08 02:20:55 +00:00
f1a6738b6c
fixes bug 124042 "support internationalized URIs" r=dougt, sr=alecf, a=asa
2002-03-06 07:48:55 +00:00
3ac1b33f9c
remove stale DEBUG_jband block. rs=jband a=dbaron
2002-03-05 08:02:05 +00:00
18c8067fae
Bug 127938 - chrome scripts should be exempt from the security check put in for
...
bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
2002-02-28 00:22:59 +00:00
75f6bd3583
partially backing out my last change - weird dependency problem
2002-02-26 05:28:26 +00:00
82659b14ca
32571, present confirmation dialog before allowing scripts to close windows.
...
105050, pass null window.opener when opener is a mail window.
both r=heikki, sr=jst, a=asa.
Backed out previously because of tinderbox problem, which should be fixed now.
2002-02-26 04:50:21 +00:00
beae4f7953
Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com
2002-02-20 05:51:05 +00:00
124339899e
eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan
2002-02-19 07:36:56 +00:00
1a3a52cce7
Backing out mstoltz. r=dbaron,jrgm
2002-02-19 04:06:53 +00:00
cc94447571
Bug 105050 - return null window.opener to scripts if opener is a mail window.
...
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.
2002-02-19 01:09:45 +00:00
cbcd4c677a
OS/2 bustage - callback needs to be in header
2002-02-13 13:30:06 +00:00
4756b7169c
Bug 119646 - Rewrite of the security manager policy database for improved
...
performance. r=jst, sr=jband.
2002-02-13 04:20:46 +00:00
5483b6f627
one more part of fix for bug 107575, including the much coveted whitespace
...
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
d133d4956f
Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson
2002-01-30 21:14:20 +00:00
45bfbf0658
Landing the rest of the win32 gmake changes:
...
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup
Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
97b0530073
Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf
2001-12-16 11:58:03 +00:00
cb9ae92896
Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst.
2001-12-12 04:43:35 +00:00
993cd4c06f
Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser
2001-12-11 04:54:47 +00:00
6d8ea78b52
Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser.
2001-12-10 20:25:12 +00:00
3c9f658ac2
Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
...
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
ee23501c42
trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband
2001-11-22 23:26:34 +00:00
99fc30ce49
Fixing mac debug bustage. Patch suggested by jst, sr=jst.
2001-11-16 10:50:33 +00:00
25276e6b94
Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
...
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
8cd8d91750
Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052
2001-11-07 06:24:10 +00:00
be10c3b1a8
Backing out fix for remote mach-o builds as it left mach-o builds fragile.
...
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
8a2a775382
Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
...
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
f634fa73d2
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
45107c0d97
Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc
2001-10-25 06:13:52 +00:00
73c9a1111f
Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf.
2001-10-22 20:54:48 +00:00
d18d7e2b17
nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163
2001-10-19 20:52:59 +00:00
8986a0ad12
Make CAPS correctly observe changes to capability.policy prefs. Needed
...
for having UI for these suckers. Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
ca6197295f
Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc
2001-09-29 08:28:41 +00:00
11248436dd
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00
1856815ff1
Oops.
2001-09-20 00:02:59 +00:00
102170b2a0
bug #98089 : ripped new license
2001-09-19 20:09:47 +00:00
d1a7bfa843
One module per line for REQUIRES. r=/sr=alecf
2001-09-18 22:01:13 +00:00
dc40187223
Bug 73353: splitting the modules on the REQUIRES lines in Makefile.in across multiple lines to more clearly show the changes made. sr=alecf
2001-09-18 13:41:47 +00:00
1e0e7dd033
Add REQUIRES to many modules for win32 support, bug 98372 r=cls
2001-09-12 20:32:40 +00:00
14bd719214
attempt to fix HP-UX and and some other Unix bustages. r=cls
2001-08-29 07:24:39 +00:00
3f22e806ad
bug 86799, adding support for wildcard security policies of the form
...
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.
2001-08-29 02:05:48 +00:00
113ad642ae
Replace uses of deprecated NS_IMPL_ISUPPORTS and NS_IMPL_QUERYINTERFACE macros with NS_IMPL_{ISUPPORTS,QUERYINTERFACE}{1,0}. r=jag rs=brendan b=45797
2001-08-21 01:48:11 +00:00
529028c336
Project cleanup, rs=scc. Don't link with OJI, which is a component.
2001-08-15 23:09:21 +00:00
a3c1dd1b09
Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions.
...
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org
2001-08-14 07:59:59 +00:00
880f5907bc
86984 - make history.length sameOrigin-accessible. Security prefs change.
...
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst
2001-08-14 00:18:58 +00:00
9e5cfdfda2
Shrink principals struct back to where it was last week -- but it could go further (93043, r=shaver, sr=jst).
2001-08-09 01:15:57 +00:00
01d4c02b07
I'm such a C luddite.
2001-08-07 04:45:27 +00:00
49c0102cdf
Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst).
2001-08-07 03:59:29 +00:00
1b5e7659c9
82495 - Support for the view-source protocol in CheckLoadURI
...
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt
2001-08-02 20:32:48 +00:00
dbd7fed5b1
FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver.
2001-07-31 19:05:34 +00:00
e91f8a147e
Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa
2001-07-25 07:54:28 +00:00
cb0faab070
Bug 73353: clean up the REQUIRES lines in Makefiles.
2001-07-23 22:36:12 +00:00
aa4fec2b67
Header include dependency cleanup. b=64023 r=jag rs=brendan
2001-07-16 02:40:48 +00:00
f3d9b0caa1
Bug 77485 - defining a function in another window using a targeted javascript:
...
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
5a6317b8a5
Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc.
...
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.
nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)
2001-06-30 11:02:25 +00:00
f4de90c798
86019 - Change stack-walking code in caps to keep functions from inheriting privileges
...
from their caller. r=jesse@netscape.com , sr=jst@netscape.com , a=asa@mozilla.org , PDT+
86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com
84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com , sr=sfraser@netscape.com , a=asa@mozilla.org
2001-06-22 02:08:10 +00:00
b74d6e1c8b
Land STATIC_BUILD_20010612_BRANCH, which supports building mozilla with components statically linked into the executable, as well as 'meta modules' that combine components into uber-DLLs.
2001-06-20 20:21:49 +00:00
9d35ed31a4
Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa
2001-06-20 03:27:48 +00:00
a8fb409c6e
bug #85271 : sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process.
2001-06-17 05:23:38 +00:00
d6e2839371
bug 77485 - exploit inserting a function into another window using targeted
...
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.
2001-05-30 02:22:22 +00:00
24e6ca57c8
PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org
2001-05-23 22:06:43 +00:00
8c0cd58b30
Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst.
2001-05-19 00:33:51 +00:00
678b80f10b
Back out mstoltz because of blocker bug #81629 . Original bugs were 47905 79775.
2001-05-18 17:41:23 +00:00
11f7b8f900
Bug 47905 - adding security check for XMLHttpRequest.open.
...
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com , sr=jst@netscape.com
Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com , sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
f9c13993e0
Fixing bug 78831 - treat chrome and resource URLs the same in the
...
URL loading check and give them access to each other. r=pavlov,
sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.
2001-05-15 22:47:21 +00:00
6758786117
*** empty log message ***
2001-05-15 06:43:12 +00:00
475bbed189
bug 79445, fixing crash with some event handlers (null pointer dereference)
...
r/sr=brendan@mozilla.org . Also fixed a typo in prefs that would have reopened
bug 56009.
2001-05-15 04:44:54 +00:00
4e73efe1f2
bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan.
2001-05-11 00:53:21 +00:00
dougt%meer.net
dbaron%dbaron.org
brendan%mozilla.org
bzbarsky%mit.edu
timeless%mozdev.org
bryner%brianryner.com
gandalf%firefox.pl
bsmedberg%covad.net
cbiesinger%web.de
jshin%mailaps.org
jst%mozilla.jstenback.com
dveditz%cruzio.com
roc+%cs.cmu.edu
mkaply%us.ibm.com
gerv%gerv.net
darin%meer.net
neil%parkwaycc.co.uk
pkw%us.ibm.com
caillon%returnzero.com
cls%seawood.org
seawood%netscape.com
jst%netscape.com
mstoltz%netscape.com
harishd%netscape.com
dwitte%stanford.edu
dbradley%netscape.com
locka%iol.ie
rginda%netscape.com
bryner%netscape.com
sfraser%netscape.com
alecf%netscape.com
sspitzer%netscape.com
dougt%netscape.com
jkeiser%netscape.com
bbaetz%student.usyd.edu.au
henry.jia%sun.com
sicking%bigfoot.com
darin%netscape.com
ben%netscape.com
timeless%mac.com
jband%netscape.com
cathleen%netscape.com
mcafee%netscape.com
jaggernaut%netscape.com
ccarlen%netscape.com
peterv%netscape.com
dbaron%fas.harvard.edu
bnesse%netscape.com
scc%mozilla.org
waterson%netscape.com
ddrinan%netscape.com
blizzard%redhat.com