2.) WebShell now implements the new nsIScriptGlobalObjectOwner.
3.) WebShell supports GetInterface to nsIScriptGlobalObject.
4.) Documents no longer carry around a reference to nsIScriptContextOwner. Instead they hold on to a nsIScriptGlobalObject. nsIDocument::GetScriptContextOwner has now become nsIDocument::GetScriptGlobalObject(). Same change to the set methods.
- Rename nsIScriptContext::CompileFunction to CompileEventHandler, and add BindCompiledEventHandler, to reflect function name restrictions and help brutal sharing.
- Add adjunct-interface nsIScriptEventHandlerOwner to nsIScriptObjectOwner.h; this interface is queried for by nsEventListenerManger.cpp to test and fill the XUL prototype event handler "cache".
- PR_LOG JS warnings, and look in javascript.options.{strict,werror} for those options.
- Implement nsIScriptEventHandlerOwner in nsXULElement, keeping pointers to pre-compiled event handlers in nsXULPrototypeAttribute.
(bug 13218, r=waterson@netscape.com,vidur@netscape.com)
and efficiency.
Tighten checks on document properties and node properties. Should resolve
several bugs:
18965 document.firstChild vulnerability
19043 document.childNodes vulnerability
19044 document.lastChild vulnerability
r=mstoltz
- Fix most of bug 13163 (see TODO for rest). This entails adding a version-string argument to nsIScriptContext::EvaluateString and passing it around lots of places in content sinks.
- Fix leaks and confusion about mSecurityManager and mNameSpaceManager in nsJSEnvironment.cpp. These still need to move from nsJSContext to nsGlobalWindow or thereabouts, jband and vidur are looking at that.
- Added comments and expanded tabs in nsJSEnvironment.cpp, esp. to EvaluateString. Also changed various nsresult vars to be named rv. Also restored brace/style conformity to nsJSProtocolHandler.cpp.
- Factored CompileFunction from AddScriptEventListener to pave the way for brutal sharing of compiled JS event handlers via JS_CloneFunctionObject.
- Lots of nsCOMPtr uses added. I'm using one for mNameSpaceManager. Hold mSecurityManager as a service explicitly, on the other hand (awaiting scc's fix to allow comptrs for services), and release in nsJSContext's dtor (fixing a leak). These two managers should be moved to the window object -- TODO item below.
- Hold JSRuntimeService along with JSRuntime for live of nsJSEnvironment, fix for shaver.
- Fix window.setTimeout etc. so the filename and line number of the timeout expr is propagated. This meant factoring nsJSUtils.cpp code.
- Fix all content sinks to use the same, and up-to-date JavaScript version parsing (whether for script type or for old language attribute); also fix SplitMimeType clones to strip whitespace.
- With waterson, fix bug in brutal-sharing version of XUL content sink: script src= should not evaluate the inline content of its tag.
14443 "Same origin" security policy may be circumvented using docu
14820 Fixing up the relationship between nsCodeBasePrincipal and n
14919 Crash in JS MM code
Reviewed by mstoltz, approved by scc.
vidur%netscape.com
tbogard%aol.net
brendan%mozilla.org
danm%netscape.com
shaver%netscape.com
rods%netscape.com
buster%netscape.com
hyatt%netscape.com
norris%netscape.com
dmose%mozilla.org
nisheeth%netscape.com
joki%netscape.com
ftang%netscape.com
law%netscape.com
saari%netscape.com
cmanske%netscape.com
akkana%netscape.com