5483b6f627
one more part of fix for bug 107575, including the much coveted whitespace
...
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
d133d4956f
Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson
2002-01-30 21:14:20 +00:00
45bfbf0658
Landing the rest of the win32 gmake changes:
...
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup
Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
97b0530073
Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf
2001-12-16 11:58:03 +00:00
cb9ae92896
Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst.
2001-12-12 04:43:35 +00:00
993cd4c06f
Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser
2001-12-11 04:54:47 +00:00
6d8ea78b52
Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser.
2001-12-10 20:25:12 +00:00
3c9f658ac2
Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
...
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
ee23501c42
trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband
2001-11-22 23:26:34 +00:00
99fc30ce49
Fixing mac debug bustage. Patch suggested by jst, sr=jst.
2001-11-16 10:50:33 +00:00
25276e6b94
Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
...
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
8cd8d91750
Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052
2001-11-07 06:24:10 +00:00
be10c3b1a8
Backing out fix for remote mach-o builds as it left mach-o builds fragile.
...
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
8a2a775382
Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
...
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
f634fa73d2
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
45107c0d97
Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc
2001-10-25 06:13:52 +00:00
73c9a1111f
Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf.
2001-10-22 20:54:48 +00:00
d18d7e2b17
nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163
2001-10-19 20:52:59 +00:00
8986a0ad12
Make CAPS correctly observe changes to capability.policy prefs. Needed
...
for having UI for these suckers. Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
ca6197295f
Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc
2001-09-29 08:28:41 +00:00
11248436dd
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00
1856815ff1
Oops.
2001-09-20 00:02:59 +00:00
102170b2a0
bug #98089 : ripped new license
2001-09-19 20:09:47 +00:00
d1a7bfa843
One module per line for REQUIRES. r=/sr=alecf
2001-09-18 22:01:13 +00:00
dc40187223
Bug 73353: splitting the modules on the REQUIRES lines in Makefile.in across multiple lines to more clearly show the changes made. sr=alecf
2001-09-18 13:41:47 +00:00
1e0e7dd033
Add REQUIRES to many modules for win32 support, bug 98372 r=cls
2001-09-12 20:32:40 +00:00
14bd719214
attempt to fix HP-UX and and some other Unix bustages. r=cls
2001-08-29 07:24:39 +00:00
3f22e806ad
bug 86799, adding support for wildcard security policies of the form
...
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.
2001-08-29 02:05:48 +00:00
113ad642ae
Replace uses of deprecated NS_IMPL_ISUPPORTS and NS_IMPL_QUERYINTERFACE macros with NS_IMPL_{ISUPPORTS,QUERYINTERFACE}{1,0}. r=jag rs=brendan b=45797
2001-08-21 01:48:11 +00:00
529028c336
Project cleanup, rs=scc. Don't link with OJI, which is a component.
2001-08-15 23:09:21 +00:00
a3c1dd1b09
Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions.
...
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org
2001-08-14 07:59:59 +00:00
880f5907bc
86984 - make history.length sameOrigin-accessible. Security prefs change.
...
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst
2001-08-14 00:18:58 +00:00
9e5cfdfda2
Shrink principals struct back to where it was last week -- but it could go further (93043, r=shaver, sr=jst).
2001-08-09 01:15:57 +00:00
01d4c02b07
I'm such a C luddite.
2001-08-07 04:45:27 +00:00
49c0102cdf
Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst).
2001-08-07 03:59:29 +00:00
1b5e7659c9
82495 - Support for the view-source protocol in CheckLoadURI
...
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt
2001-08-02 20:32:48 +00:00
dbd7fed5b1
FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver.
2001-07-31 19:05:34 +00:00
e91f8a147e
Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa
2001-07-25 07:54:28 +00:00
cb0faab070
Bug 73353: clean up the REQUIRES lines in Makefiles.
2001-07-23 22:36:12 +00:00
aa4fec2b67
Header include dependency cleanup. b=64023 r=jag rs=brendan
2001-07-16 02:40:48 +00:00
f3d9b0caa1
Bug 77485 - defining a function in another window using a targeted javascript:
...
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
5a6317b8a5
Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc.
...
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.
nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)
2001-06-30 11:02:25 +00:00
f4de90c798
86019 - Change stack-walking code in caps to keep functions from inheriting privileges
...
from their caller. r=jesse@netscape.com , sr=jst@netscape.com , a=asa@mozilla.org , PDT+
86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com
84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com , sr=sfraser@netscape.com , a=asa@mozilla.org
2001-06-22 02:08:10 +00:00
b74d6e1c8b
Land STATIC_BUILD_20010612_BRANCH, which supports building mozilla with components statically linked into the executable, as well as 'meta modules' that combine components into uber-DLLs.
2001-06-20 20:21:49 +00:00
9d35ed31a4
Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa
2001-06-20 03:27:48 +00:00
a8fb409c6e
bug #85271 : sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process.
2001-06-17 05:23:38 +00:00
d6e2839371
bug 77485 - exploit inserting a function into another window using targeted
...
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.
2001-05-30 02:22:22 +00:00
24e6ca57c8
PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org
2001-05-23 22:06:43 +00:00
8c0cd58b30
Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst.
2001-05-19 00:33:51 +00:00
678b80f10b
Back out mstoltz because of blocker bug #81629 . Original bugs were 47905 79775.
2001-05-18 17:41:23 +00:00
11f7b8f900
Bug 47905 - adding security check for XMLHttpRequest.open.
...
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com , sr=jst@netscape.com
Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com , sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
f9c13993e0
Fixing bug 78831 - treat chrome and resource URLs the same in the
...
URL loading check and give them access to each other. r=pavlov,
sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.
2001-05-15 22:47:21 +00:00
6758786117
*** empty log message ***
2001-05-15 06:43:12 +00:00
475bbed189
bug 79445, fixing crash with some event handlers (null pointer dereference)
...
r/sr=brendan@mozilla.org . Also fixed a typo in prefs that would have reopened
bug 56009.
2001-05-15 04:44:54 +00:00
4e73efe1f2
bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan.
2001-05-11 00:53:21 +00:00
59c995612e
Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,
...
sr=brendan@mozilla.org
2001-05-11 00:43:27 +00:00
ac5e8e044c
more REQUIRES bustage fixing for senna; unicharutil dependency has been introduced because caps wants nsIDocShell which wants nsIPresContext
2001-05-10 18:48:46 +00:00
9cc635ad1c
Temporary workaround for the composer and other related problems caused by security manager problems, change by mstoltz@netscape.com, r=jst@netscape.com
2001-05-09 02:53:46 +00:00
f7460d0269
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
ac8ff4c8ea
Bug 78745 - nsIPromptService::ConfirmEx needs to be more flexible. r=valeski, sr=sfraser
2001-05-06 15:03:55 +00:00
afdac97c93
Check in for Ron Guilmette. r=shaver, sr=waterson. For intl r=nhotta. Changes for NS_IMPL_NSGETMODULE. bug #46775 .
2001-05-05 05:33:37 +00:00
4a13c64481
#76913
...
r=mstoltz, sr=brendan
Fix some calling convention - PR_ to JS_
2001-05-02 00:02:59 +00:00
00f28396a9
Set EXPORT_LIBRARY=1 in all pertinent Makefile.ins. Allows us to build the final link list as we traverse the tree. Bug #46775
2001-04-28 19:48:12 +00:00
00bca056ef
mozilla diffs r=tao, sr=alecf, commercial diffs r=syd, sr=syd/shaver. lower-casing JS calls to createBundle. removing un-used nsILocale param from nsIStringBundle::CreateBundle(). 76332
2001-04-27 21:30:24 +00:00
245d4eb76f
Backing out valeski
2001-04-27 05:53:22 +00:00
54db7dffa3
mozilla tree r=tao, sr=alecf. commercial tree r=syd, sr=syd/shaver. lowercasing the first char in JS method calls to createBundle. removing the dead locale parameter in the CreateBundle() method call. 76332
2001-04-27 04:16:22 +00:00
000d1011d5
Prefs API refactoring. Bug #46863 . r=valeski, sr=alecf.
2001-04-26 18:41:11 +00:00
c8128a5765
Bug 46859 - Remove UniversalDialog. r=valeski/sr=rpotts,sfraser/a=blizzard
2001-04-21 00:26:18 +00:00
97e89fd687
Backing out bnesse's fix for bug 46863 due to numerous types of runtime bustage on linux and windows. a=brendan.
2001-04-20 06:45:56 +00:00
b0baaeabc3
Landing PrefAPI refactoring bug 46863. r=valeski, sr=alecf, a=blizzard.
2001-04-19 22:21:39 +00:00
2b6e6516d2
More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538).
...
r=beard, sr=hyatt
2001-04-17 01:21:44 +00:00
36a5d4dd8d
Fix leaks of global objects. b=76091 r=mstoltz@netscape.com sr=hyatt@netscape.com
2001-04-17 00:12:28 +00:00
a0daa1645d
75152: Remove GetVersionNumber stub in favour of upcoming, less-invasive
...
preloader strategy. r=jag, sr=attinasi.
2001-04-11 14:23:13 +00:00
72cea9bb38
Clean up MODULE/REQUIRES, bug=73353, r=cls
2001-04-08 08:33:11 +00:00
f332609125
Fix MOZ_TRACK_MODULE_DEPS (senna tinderbox) bustage by adding new header file dependencies to REQUIRES.
2001-04-07 04:29:01 +00:00
33594c68ff
removing use of nsNetSupportDialog. bug 72112 continued. r=hyatt,morse,mstoltz,various
2001-04-07 03:33:56 +00:00
8c0b9eaf97
65845 - new order files
2001-04-05 06:02:32 +00:00
169a621d42
preloader update. r=peterl, sr=attinasi
2001-04-03 22:58:59 +00:00
dacbb4faa9
Add "gfx2" and "imglib2" to REQUIRES lines in Makefile.in for MOZ_TRACK_MODULE_DEPS builds (e.g. senna)
2001-03-30 10:39:06 +00:00
10f34c2758
Fix MOZ_TRACK_MODULE_DEPS bustage
2001-03-23 08:44:39 +00:00
04dec4f28a
Fix MOZ_TRACK_MODULE_DEPS bustage.
2001-03-23 08:16:59 +00:00
519500116e
Bugs 55069, 70951 - JS-blocking APIs for mailnews and embedding. r=mscott, sr=attinasi.
...
Bug 54237 - fix for event-capture bug, r=heikki, sr=jband.
2001-03-23 04:22:56 +00:00
dbb8a13378
Fix 49334: gopher support, minor restructuring of directory viewer. necko: r=darin,dougt sr=rpotts other: r=waterson,mstoltz,jag sr=alecf
...
Fix 70404: assertions or datetime and finger. r=dougt, sr=rpotts
Both patches by Bradley Baetz (bbaetz@cs.mcgill.ca )
2001-03-14 02:42:39 +00:00
edb387e49c
71057 sr=waterson new order files. NOT PART OF THE REGULAR BUILD
2001-03-13 10:47:37 +00:00
68017cb9e2
sr=rpotts, r=gagan. 70743. switching over to new extensible URI::SchemeIs() api
2001-03-13 02:02:05 +00:00
2b0091da37
Adding aim protocol to the list. No Specific bug number. r=syd. sr=mstoltz
2001-03-07 05:58:45 +00:00
3d142549b8
Switch from NS_STATIC_CAST to NS_REINTERPRET_CAST to fix bustage on Mac. r=mstoltz
2001-03-02 01:13:35 +00:00
33c8110175
bug 47905, adding security check to XMLHttpRequest.open(). r=heikki, sr=brendan
2001-03-02 00:09:20 +00:00
199c935b04
# 65845 sr=waterson, new order files will greatly reduce the number of link warnings.
2001-02-27 04:38:19 +00:00
6ddb173736
bug 63451 - moved signature verification functions from nsIZipReader to nsIJAR. r=sgehani, sr=shaver
2001-02-23 00:15:04 +00:00
a6f2f5861a
Mass REQUIRES update to synch up with string lib and xul changes in an attempt to fix senna bustage. r=jst, sr=cls
2001-02-22 09:35:51 +00:00
5dbb3f0b61
Bug 66331, nsCodebasePrincipal::GetOrigin needs to specify the port
...
if nonstnandard. Fixes a bug in LiveConnect. r=dougt, sr=jband.
2001-02-14 00:27:34 +00:00
10d25d3581
65845 First cut of the order files
2001-02-13 02:34:59 +00:00
7f321c0039
fix for bug #63466 , r=mstoltz, sr=brendan, a=leaf
2001-02-12 07:47:28 +00:00
79713bc4c2
Optimization for scheme comparison of URIs. See bug 66577 for details. r=darin, sr=brendan@mozilla.org
2001-01-31 01:33:03 +00:00
41054417f6
Bug 66369, adding support for per-file permissions granting to caps. r=jst, sr=jband.
2001-01-27 01:42:20 +00:00
e0ba7c504e
Removing .cvsignore file so this directory will go away. Not part of build.
2000-12-28 21:08:29 +00:00
b3d21fb8f4
fix bug 55506. If seman was initialized too early then it was failing to register its nameset. This happened on first run when JS Component Loader would use the secman. The result was that all calls to the security manager via JavaScript would fail for that session. This fixes that by continuing to try to register the nameset until it actually succeeds. r=mstoltz a=brendan
2000-11-30 05:32:08 +00:00
66a18fcbbf
Resurrect REQUIRES so that we have some sort of means to track intermodule dependencies. Bug #59454 r=blizzard@mozilla.org
2000-11-20 07:16:06 +00:00
5dd72c255e
Make nsDestroyJSPrincipals stop confusing the leak stats by calling AddRef, but not when the refcount is 0. r=mstoltz@netscape.com sr=brendan@mozilla.org b=59135
2000-11-08 03:06:57 +00:00
e875395364
Fixing bugscape 3109, LiveConnect exploit. sr=jband, brendan.
...
Fixing 58021, exploit in "open in new window," bug 55237. sr=brendan
2000-11-07 01:14:08 +00:00
886042fb63
Bug 57937, signed frames denied access to unsigned frames. r=mccabe, sr=brendan
2000-10-30 20:05:07 +00:00
cd56c0575b
Bug 47207. Backing out logging/PRINTF changes until we can fix stopwatch.h, introduce double parens, etc.
2000-10-28 22:17:53 +00:00
9a6d92a433
Bug 47207. Changing printf to PRINTF to use new logging facility. r=valeski,sr=waterson
2000-10-27 22:43:51 +00:00
729c07b2f0
Bug #48403 --> don't allow JS running in a mailnews sand box to change the name of it's containing iframe.
...
this code was contributed by mstoltz.
r=beard, sr=mscott
2000-10-24 00:52:02 +00:00
3da7c0c668
Bug 13871: Prevent frameset spoofing r=mstoltz, sr=mscott, a=rpotts
2000-10-19 10:25:49 +00:00
f1137e89ec
Fixing 56009, exploit allowing XPConnect access. r,a=hyatt, sr=scc
2000-10-13 22:59:47 +00:00
b3f1af8772
Fixing 52497, security problem in document.implementation, r=jst a=brendan
2000-09-20 23:38:28 +00:00
181bb2dcb2
Landing jar packaging from jar_restructuring_branch. r=hyatt,dprice,sfraser,dveditz,vishy,sgehani
2000-09-20 19:35:24 +00:00
267dc6688d
fix memory corruption bug 52382. r=mstoltz
2000-09-14 08:48:53 +00:00
0257791053
Bug 37275, Changing value of all progids, and changing everywhere a progid
...
is mentioned to mention a contractid, including in identifiers.
r=warren
2000-09-13 23:57:52 +00:00
fbf1607c62
Fix warning which requires a return value from functions
...
r= brendan@mozilla.org scc@mozilla.org
#= 52254
2000-09-13 11:29:18 +00:00
c063d33489
bug 44147, caps grant dialog now being created from DOMWindow->GetPrompter instead of nsIPrompt service. r=dbragg
2000-09-09 00:53:21 +00:00
63ce73fabf
bug 50304, adding "static" to security policy struct, should save some memory and time. r=rogerl
2000-09-07 19:03:23 +00:00
084f48c90f
more GCC fixes
2000-09-03 06:41:18 +00:00
85b41b9623
Not part of build. Adding security regression test suite driver (mozDriver).
2000-08-29 21:50:56 +00:00
e5e279fe36
bug#49786 Caching frequently used progid: nsThreadJSContextStack r=waterson
2000-08-22 06:02:14 +00:00
ea5d41851a
Fixing 41876 r=hyatt, also 48724, 49768, and crasher in nsBasePrincipal.cpp, r=jtaylor
2000-08-22 02:06:52 +00:00
a94aa1aa52
Fix for hash code performance problem discovered by bienvenu. 'Sampling' hash code was statistically evil.
2000-08-20 21:29:10 +00:00
f66cde2438
Fix 47354 and 39975 by providing a system-privileged scope backstop for
...
JS Components, and teaching the ScriptSecurityManager to check for
XPC-wrapped native objects in the scope chain when looking for an
object's principal. r=jband/a=brendan
2000-08-16 04:01:02 +00:00
c3182f98ef
Changing the nsDirectoryService define. This should have been done with the rest of the nsDirectorySerivce changes. r=conrad.
2000-08-14 22:38:27 +00:00
e2560fe87a
Fixes bug #45877 . r=mstoltz.
2000-08-11 03:11:24 +00:00
84b5fd67e3
Bug 46711. Removed nsAutoString travisty from nsStringKey. Introduced nsCStringKey. Made them both share the underlying string when possible. r=waterson
2000-08-10 06:19:37 +00:00
2c1dd9e9ec
fix bug 47410. Allow JS components to implement nsISecurityCheckedComponent and have sidebar componnet implement it to allow access from untrusted scripts. a=brendan@mozilla.org a=johng@netscape.com
2000-08-08 23:59:32 +00:00
da15eda254
Getting jar files in shape. Mostly works on unix, status bar missing (not in build yet).
2000-08-02 06:48:45 +00:00
b65db40d35
Fixing 40159, nasty infinite recursion on startup. r&a=beard
2000-07-26 04:53:01 +00:00
3910fcba0b
fix for 42387, r=dveditz
2000-07-20 01:16:15 +00:00
a8545c4aed
Fixing 40159 and 44822, both [nsbeta2+] regressions on signed scripts. r=sgehani
2000-07-12 03:10:33 +00:00
e87a1b7b11
Start tedious process of removing obsolete mozilla/include files from build. This patch should take us down to 19 of 101. Bug #38061
2000-07-10 07:13:31 +00:00
d1da06c856
DOM properties default to same origin access only. Bug 28443. r=rginda
2000-07-05 19:08:20 +00:00
36783deb8e
Added the IDL file for Vidur.
2000-06-23 15:22:38 +00:00
79c210a6b9
Checking in for mccabe, since he had to leave town. Partial fix for bug 41429. Adding a new interface that components can implement to control the capabilities needed for XPConnect access to them - default is UniversalXPConnect. r=vidur
2000-06-23 14:32:38 +00:00
786f234766
Part of fix for 38117, prevent scripts from running event handlers on windows from other domains. r:mstoltz
2000-06-21 00:21:50 +00:00
f458590f07
Dogfood bug 42076 - allowing file:// urls to load chrome:// URLs. r=evaughan.
2000-06-16 22:22:38 +00:00
512c8bf433
Renaming nsIAllocator to nsIMemory (and nsAllocator to nsMemory). API cleanup/freeze. Bug #18433
2000-06-03 09:46:12 +00:00
8256c128d9
On Mac, we should look for systemSignature.jar in Essential FIles, not the bin directory. Bug 40468, r=sgehani, a=clayton.
2000-06-02 22:22:11 +00:00
e0c61ab51a
Fix for 16858 w/o breaking directory browser. r=waterson a=beard
2000-06-01 23:57:48 +00:00
40dc18d415
Fixed bug in DOM security checks, fixes bug 37907, 23516. Added security check for htmlelement.innerhtml, fixes 39083. Added location check to BASE HREF=, fixes 35859. r=vidur. Added check to style= tag, fixes 16858, r=pierre.
2000-05-26 23:28:40 +00:00
a8000b8bb5
Mass replace of -lmozjs with $(MOZ_JS_LIBS) needed for OS/2 and consistency.
2000-05-17 06:45:45 +00:00
ead929a4a4
Allow scripting of plugins by untrusted web scripts. Bug 36375.
2000-05-17 02:38:22 +00:00
11718e9f56
Removing archive attribute from nsCertificatePrincipal. This will not be used.
2000-05-16 22:37:38 +00:00
e260596697
Fixing bustage in nsCertificatePrincipal.cpp
2000-05-16 04:15:56 +00:00
e0fc50a6d4
Fixes for 32878, 37739. Added PR_CALLBACK macros. Changed security.principal pref syntax to a nicer syntax. Removed "security.checkxpconnect" hack.
2000-05-16 03:40:51 +00:00
0d46d1e3f2
correct typo in last checkin
2000-05-14 10:38:48 +00:00
67209592fb
new chrome hierarchy
2000-05-14 10:37:30 +00:00
c0ae0cbbf6
top-level chrome dirs are now packages,locales,skins
2000-05-13 21:29:08 +00:00
383fdc142e
string backsliding. r=mjudge
2000-05-12 07:53:02 +00:00
85d27fc1b1
added files: mozilla/caps/idl/nsISignatureVerifier.idl
2000-05-10 01:50:00 +00:00
74488c46a3
Removed dependency of libjar on psm-glue, bug 36853. Fixed out parameter type problem in PSMComponent::HashEnd
2000-05-10 01:49:33 +00:00
e4c6cab6d9
Replace implementation of nsISupports with thread-safe version. This allows
...
SSL/HTTPS operations to complete on debug builds with thread-safety checking.
r=bryner
2000-05-03 00:04:48 +00:00
ad755522c3
Added archive attribute to nsICertificatePrincipal...part of fix for 37481.
2000-05-01 23:39:51 +00:00
7e37fb4356
1) Added support for loading an XML document "out of band" from script and manipulating it via dom interfaces.
...
2) Fixed compile errors in XSL glue code that happened after the recent nsString landing by scc.
3) Added a check for a null URI before de-referencing it in nsCodeBasePrincipal.cpp.
2000-05-01 06:58:53 +00:00
0274ea8235
Fix bustage on Sun and HP compilers...was casting void* to PRInt16. Added intermediate cast.
2000-04-26 20:54:02 +00:00
9bb975256e
Fixes for 27010, 32878, and 32948.
2000-04-26 03:50:07 +00:00
84c0a0901a
Do something safe if this call fails
2000-04-25 04:50:49 +00:00
da50b52420
fixed bug 17100 - [FEATURE] enabled partial message download for pop3
2000-04-25 01:48:00 +00:00
57feeae5ec
Backing out changes until I can figure out why it's crashing on startup.
2000-04-23 21:25:39 +00:00
62bffdd26e
Fixes for bugs 27010, 32878, 32948.
2000-04-23 20:30:29 +00:00
d0d8c4d5c3
dist...chrome restructuring
2000-04-19 21:42:30 +00:00
e84a7d5347
making string conversions explicit
2000-04-15 05:29:33 +00:00
e356de6476
Fix
...
28390, 28866, 34364
r=brendan@mozilla.org
35701
r=jst@netscape.com
2000-04-14 03:14:53 +00:00
16e912ab31
# 34082
...
r= warren@netscape.com
OS/2 Visual Age build - Adding PR_CALLBACK to some functoins for linkage
2000-04-05 02:32:07 +00:00
f6740baa20
Moved static MOZ_COMPONENT_NSPR_LIBS, MOZ_COMPONENT_XPCOM_LIBS, MOZ_COMPONENT_LIBS definitions from configure.in to config.mk. Replaced -lxpcom in Makefiles to $(XPCOM_LIBS) so that we can optionally link against -lboehm when needed. Bug #31287
2000-04-04 04:46:38 +00:00
c05019b2a8
making string conversions explicit
2000-04-01 00:39:02 +00:00
4ea707a4ba
make string conversions explicit
2000-04-01 00:36:50 +00:00
89f8378252
turn on source browser in debug build; moved camelot added files into their right spots
2000-04-01 00:32:53 +00:00
efa5624e14
Fixed bug 30915 using nsAggregatePrincipal. r=norris
2000-03-31 00:31:18 +00:00
727f312b32
Necko API changes: primarily nsIChannel, changing initialization parameters to accessors. Got javascript: evaluation to happen at the right time (when AsyncRead is called) as well as on the right thread.
2000-03-29 03:58:50 +00:00
11c6f51246
small changes to clients of string conversion APIs
2000-03-26 01:19:41 +00:00
4eb52aa84b
Fix
...
32088 Circumventing Same Origin security policy using javascript: URLs
32040 about: can't be link
Also remove deprecated method
r=mstoltz
2000-03-24 22:15:37 +00:00
593a12b912
Fix bug 32904 Asserts at startup in nsScriptSecurityManager.cpp
...
r=mstoltz
2000-03-23 23:42:46 +00:00
e5f86d1226
heckLoadURI now handles jar: URL's correctly. r=norris
2000-03-23 04:37:37 +00:00
ea9d7682c1
Fix 31998 nsScriptSecurityManager not thread safe breaks table regress
2000-03-21 23:12:16 +00:00
d655019842
added files: mozilla/caps/idl/nsIAggregatePrincipal.idl
2000-03-21 04:06:47 +00:00
672a1c6484
added files: mozilla/caps/src/nsAggregatePrincipal.cpp
2000-03-21 04:06:33 +00:00
7d053b70b0
Adding nsAggregatePrincipal support. r=norris
2000-03-21 04:05:35 +00:00
060e388a6b
Files:
...
caps/idl/nsICertificatePrincipal.idl
caps/idl/nsIPrincipal.idl
caps/src/nsBasePrincipal.cpp
Implement the ability to manipulate multiple capabilties simultaneously.
r=mstoltz@netscape.com
Files:
caps/src/nsCodebasePrincipal.cpp
Codebase equality should be based upon origin, not full path.
r=mstoltz@netscape.com
Files:
caps/src/nsScriptSecurityManager.cpp
Change URI checking to deny based upon scheme rather than allow based upon
scheme for greater flexibility.
r=mstoltz@netscape.com
Files:
dom/public/nsDOMPropEnums.h
dom/public/nsDOMPropNames.h
dom/src/base/nsGlobalWindow.cpp
modules/libpref/src/init/all.js
Fix bug 20469 Seeing JS functions and global variables from arbitrary host
r=vidur@netscape.com
Files:
dom/src/base/nsJSUtils.cpp
dom/src/base/nsJSUtils.h
dom/src/base/nsJSEnvironment.cpp
dom/tools/JSStubGen.cpp
layout/base/src/nsDocument.cpp
layout/html/content/src/nsGenericHTMLElement.cpp
Improve performance by removing NS_WITH_SERVICE call for every DOM access.
Propagate XPCOM failure codes out properly.
r=vidur@netscape.com
Files:
layout/html/document/src/nsFrameFrame.cpp
Fix 27387 Circumventing Same Origin security policy using setAttribute
r=vidur@netscape.com
2000-03-11 06:32:42 +00:00
e81e4f8fa6
Fix 29419 nsScriptSecurityManager should do casinsensitive compaires
...
Patch submitted by andreas.otte@primus-online.de
r=norris,a=jar
2000-03-08 04:57:05 +00:00
f28f63a5d7
This allows clicked "finger:" links to work. r=norris@netscape.com.
2000-02-26 23:37:08 +00:00
bdef85f8cd
Fix meta refresh problems with etrade, etc.
...
r=mstoltz
a='do the right thing'
2000-02-24 19:17:59 +00:00
d64387736b
Fix 28612 META Refresh allowed in Mail/News
...
r=mstoltz,a=jar
Fix 28658 File upload vulnerability
r=vidur,a=jar
2000-02-23 22:34:40 +00:00
5a9d717919
Work around bug where dialog message is truncated.
...
a=chofmann,r=mstoltz
2000-02-19 00:37:02 +00:00
5567200a75
Fix 18439 windows.status allows reading links
...
r=mstoltz
2000-02-11 04:18:39 +00:00
96add55c93
For some reason the sun compiler doesn't like the ?: assignment.
2000-02-10 06:24:38 +00:00
72152baded
Fix bad separator in Makefile problem.
2000-02-10 05:33:49 +00:00
2b4b436f5f
Fix 25062 Reload vulnerability
...
25206 Reload vulnerability #2
Implement grant dialogs and persistence for capabilities.
most r=mstoltz, some code from morse w/ r=norris
2000-02-10 04:56:56 +00:00
73802d6f2e
Pro5 update
2000-02-07 23:06:04 +00:00
b5850888fc
Fix crash in nsCodebasePrincipal::Equals when browser.registration.enable is set to true.
...
r=racham
2000-02-03 23:47:00 +00:00
c68664297c
Fix domain generalization for site-specific security policy.
...
also fix bug with enablePrivilege.
r=mstoltz
2000-02-03 23:28:36 +00:00
49568eb54e
fix paths for move to CW5 (bug #25779 )
2000-02-02 15:27:53 +00:00
c04c4d51f9
Fix bug #25864 watch() vulnerability
...
r=vidur,rogerl
2000-02-02 00:22:58 +00:00
6d132fae66
Fix warning.
2000-01-27 15:59:34 +00:00
7ec9655d07
Fix 23227 Document object vulnerability
...
r=mstoltz
2000-01-26 15:33:57 +00:00
eef6de8432
Lots of xpconnect bug fixes...
...
- fix bug 12954 "should throw when setting non-settable props".
- fix bug 13418 "xpconnect needs to be threadsafe".
I think I filled in the cracks. Tests would be nice :)
- fix bug 22802 "[MLK] XPConnect Leaks".
- fix bug 24119 "[MLK] Reminder about cleaning up maps".
- fix bug 24453 "xpconnect needs default security manager".
I also changed the code in DOM and caps to just install a default secman and
not install a secman for each JSContext.
- fix bug 24687 "xpconect should avoid resolve performance suckage".
Added (modified) patch from shaver to create my JSObjects with the
global object as the temporary proto to avoid losing lookup.
- hack for bug 24688 "runtime errors in wrapped JS are not made obvious"
Added a debug only printf. We still need a JSErrorConsole service for this.
- fix bug 16130 "createInstanace and getService can create wrappers around wrappers"
Fixing this one really entailed changing the semantics of nsIXPConnect::wrapNative
and nsIXPConnect::wrapJS to use common code in xpcconvert that deals with existing
wrappers and DOM objects (with their own schemes for wrapping and unwrapping).
So, I changed the callers because the params changed slightly and some callers
were doing more work than necessary given the new semantics.
- Continued in the crusade to replace manaual refcounting with nsCOMPtrs whenever
touching old code.
- Added myself as first contributor to xpconnect files (vanity prevails!)
- Added new copyright header on some files that were missing it.
- Added some API comments.
- Converted nsXPCWrappedJS to implement nsIXPConnectWrappedJS via MI rather than
the old loser scheme of the nsIXPConnectWrappedJSMethods tearoff object.
- added DumpJSStack as globals to xpconnect and DOM dlls to be callable from
debuggers. I have ideas on how to improve and expand this support soon.
r=mccabe
2000-01-26 08:38:10 +00:00
8507a58ec3
Files:
...
caps/include/nsScriptSecurityManager.h
caps/src/nsScriptSecurityManager.cpp
modules/libpref/src/init/all.js
Fix
24565 nsScriptSecurityManager::GetSecurityLevel() is a performance
24567 re-write DOM glue security checks to avoid NS_WITH_SERVICE()
r=waterson
Files:
dom/src/base/nsGlobalWindow.cpp
layout/base/src/nsDocument.cpp
layout/base/src/nsGenericElement.cpp
Fix assertion failure for 1-character property names.
Files:
dom/src/jsurl/nsJSProtocolHandler.cpp
webshell/src/nsDocLoader.cpp
Fix 18653 "javascript:" URLs cross windows problems (probably regressi
r=nisheeth
Files:
layout/events/src/nsEventListenerManager.cpp
Fix
23834 document.onkeypress allows sniffing keystrokes
24152 document.onclick shows links from other window
r=joki
2000-01-23 04:23:14 +00:00
69ef846a00
Fixed build blocker on HPUX, AIX, and Solaris by adding a cast. r=norris a=jar bug=24322
2000-01-20 00:19:30 +00:00
c5ed5dbd3d
Fix bug 24378 All DOM security checks inadvertently disabled
...
r=mstoltz,rogerl;a=jar
2000-01-19 23:39:07 +00:00
d4cf23a2bf
Fix build bustage caused by mismatch of NS_IMETHOD usage.
2000-01-18 22:45:05 +00:00
d0cbc99c85
Fix build bustage.
2000-01-18 22:35:27 +00:00
5014545a00
Implemented the reading of capabilities data from prefs. Reads codebase and certificate principal data and populates ScriptSecurityManager's principals table. bug= 18122 r=norris, rginda
2000-01-18 21:54:01 +00:00
alecf%netscape.com
sfraser%netscape.com
seawood%netscape.com
jaggernaut%netscape.com
mstoltz%netscape.com
ccarlen%netscape.com
jband%netscape.com
peterv%netscape.com
dbaron%fas.harvard.edu
bnesse%netscape.com
dougt%netscape.com
bzbarsky%mit.edu
gerv%gerv.net
scc%mozilla.org
cls%seawood.org
brendan%mozilla.org
waterson%netscape.com
ddrinan%netscape.com
blizzard%redhat.com
dmose%netscape.com
jst%netscape.com
kandrot%netscape.com
mkaply%us.ibm.com
valeski%netscape.com
bryner%uiuc.edu
shaver%mozilla.org
disttsc%bart.nl
danm%netscape.com
dprice%netscape.com
rickg%netscape.com
blakeross%telocity.com
suresh%netscape.com
beard%netscape.com
gagan%netscape.com
warren%netscape.com
mscott%netscape.com
pollmann%netscape.com
rayw%netscape.com
jdunn%netscape.com
jtaylor%netscape.com
dp%netscape.com
dcone%netscape.com
vidur%netscape.com
joki%netscape.com
scc%netscape.com
thayes%netscape.com
nisheeth%netscape.com
jefft%netscape.com
norris%netscape.com
brade%netscape.com