7cd400a26f
* Fix the following bugs by tightening the default security policy.
...
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com
* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
142ac52eaf
updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org
1999-11-06 03:43:54 +00:00
e5c170a049
work on bug 7270.
...
r=mstoltz.
Implement netscape.security.PrivilegeManager callbacks.
1999-10-28 22:09:03 +00:00
f50d3df7c0
Added nsIChannel::GetOriginalURI so that we can get back to the original chrome file (bug#17144). r=rpotts,mscott
1999-10-26 09:16:24 +00:00
c99b609910
Add ability to disable JS. Fix 13978 shopping at webvan.com crashes
1999-09-17 20:13:52 +00:00
9acf604770
Add security support for javascript: uris.
1999-09-15 20:58:41 +00:00
0865f1cdaa
Create preferences for security checks.
...
Add new methods on nsIScriptSecurityManager for capabilities.
Fix 13739 MLK: nsScriptSecurityManager::CreateCodebasePrincipal
Fix 11666 Eliminate plvector (was: [infinite loop] bugs - plvector.c)
1999-09-15 04:05:43 +00:00
6ce2283719
Remove unused files.
1999-09-13 20:10:24 +00:00
dcf88dfe3b
Fix build breakage: full #include needed.
1999-09-07 21:26:56 +00:00
eb23e76298
Fix bug 13253.
...
Enable restrictions on use of Components array from web JavaScript.
1999-09-07 20:40:20 +00:00
51d59f6f69
Cleaned it up and eliminated the pointless #!gmake.
1999-09-01 23:27:16 +00:00
91d105de8f
nsIPrincipalManager.idl removed.
1999-09-01 01:34:11 +00:00
ec9d253f50
Add all-powerful system principals. Remove some dead code from the build.
1999-09-01 00:54:35 +00:00
155255be20
Adding new flag to the security check calls out of the DOM generated JS files.
1999-08-31 14:23:55 +00:00
d8507f844e
* clean up nsScriptSecurityManager
...
* remove nsJSSecurityManager
* save principals in nsIChannels and nsIDocuments
1999-08-29 21:58:42 +00:00
1b252b2e3b
includes updates to codbase matching security checks currently turned off
...
but in place. redefined the script security manager in caps and it is
now generating codebase principals.
1999-08-20 09:51:02 +00:00
1125dac5c8
removing public directory for good. fixed up nsPrivilegeManager.cpp
1999-08-08 21:04:16 +00:00
a1d83223f4
added a new and improved factory to caps module. fixed some bugs and
...
cleared some warnings. also move some methods of privilege manager to
principal manager.
1999-08-06 22:44:35 +00:00
0d16b83058
add a principal manager to caps api. everything is now xpidled so
...
i removed the public directory from the module.
1999-08-01 21:26:02 +00:00
387cbc374e
xpidling and updating nsTarget object. should resolve build errors on
...
SeaMonkey Ports
1999-07-28 05:43:26 +00:00
007ea62765
Cleaned it up and changed the name of libreg.{a,so} to libmozreg.{a,so} to fix the conflict reported in bug 8568.
1999-07-27 23:27:44 +00:00
d00edf950d
removed some enums and migrated them into nsPrivilege, nsIPrivilege and
...
nsPrivilegemanager. cleaning up some old code from the security module
and refining their api's and such like.
1999-07-27 00:50:59 +00:00
8dad60d09d
Fix to the caps security module. I removed the nsPrincipal struct, from now
...
on you can access principals by their xpcomed interface nsIPrincipal.
1999-07-24 03:58:23 +00:00
0fe0bc29cd
ignore the generated Makefile
1999-07-18 00:26:01 +00:00
587d04c222
idled principals interfaces and some fixes to caps manager...
1999-07-16 20:31:18 +00:00
f64740e501
Move several security files into idl. (Create idl directory in caps module.)
...
Implement methods of nsIXPCSecurityManager.
Fix random errors in DOM JS security.
1999-07-15 23:23:16 +00:00
norris%netscape.com
dmose%mozilla.org
warren%netscape.com
briano%netscape.com
joki%netscape.com
arielb%netscape.com
sspitzer%netscape.com