brendan%mozilla.org
|
eb7002903b
|
Fix comment from last night to match today's code.
|
2005-05-04 18:58:24 +00:00 |
brendan%mozilla.org
|
371b8140d2
|
Undo gist of last change for now, it breaks too much even though it's safer.
|
2005-05-04 16:19:31 +00:00 |
brendan%mozilla.org
|
ea9fd4132c
|
Find active native function principals when walking the JS stack, and beef up eval-ish native safeguards (281988, r=shaver/caillon, sr=jst, a=drivers).
|
2005-05-04 06:28:36 +00:00 |
bzbarsky%mit.edu
|
7b45a8e4ba
|
Fix crashes when privilegeManager methods are called by setting our our param
on success return. Bug 289991 and bug 289925, r=caillon, sr=dbaron, a=dbaron
|
2005-04-12 05:13:26 +00:00 |
bzbarsky%mit.edu
|
6d36e81b66
|
Do less addrefing of principals in the script security manager. Bug 289643,
r=caillon, sr=brendan, a=asa
|
2005-04-10 23:27:07 +00:00 |
brendan%mozilla.org
|
bb7b3cd85f
|
Revert kludge, want a general fix.
|
2005-04-07 19:48:57 +00:00 |
brendan%mozilla.org
|
b02c276f35
|
Stop evals and Script object calls/execs that cross trust domains (289074, r=shaver, sr=jst, a=drivers).
|
2005-04-07 02:22:24 +00:00 |
timeless%mozdev.org
|
4efd7a5f8a
|
Bug 239967 prototype for nsScriptSecurityManager::GetPrincipalFromContext is wrong
r=dveditz sr=dveditz
|
2005-03-29 03:12:12 +00:00 |
bryner%brianryner.com
|
e171eaba9b
|
Inline access to XPCWrappedNative's nsISupports pointer, with do_QueryWrappedNative nsCOMPtr helper (bug 285404). r=jst, sr=darin.
|
2005-03-10 00:39:28 +00:00 |
gandalf%firefox.pl
|
06f479dff9
|
bug 279768: Bring build system to work with --enable-ui-locale; r=bsmedberg; a=doron on webservices move
|
2005-03-08 17:21:36 +00:00 |
bsmedberg%covad.net
|
361daac936
|
Bug 281414 - global s/nsIPrefBranchInternal/nsIPrefBranch2/ rs=darin (did not change backwards-compatible code in extensions/irc extensions/venkman or extensions/inspector)
|
2005-02-25 20:46:35 +00:00 |
bzbarsky%mit.edu
|
3a4edb10d6
|
Remove special-casing so non-chrome-principal pages, even with chrome: uris,
can have script disabled as needed. Bug 280120, r=peterv, sr=neil
|
2005-02-22 21:18:31 +00:00 |
cbiesinger%web.de
|
92c940aa45
|
Bug 269661 make libpref not depend on caps
r=caillon sr=dveditz
|
2005-02-06 12:39:31 +00:00 |
jshin%mailaps.org
|
d30a1bda05
|
bug 280613 : checkLoadURIStr of nsIScriptSecurityManager should accept AUTF8String istead of string (for IDN), r=dveditz, sr=darin
|
2005-02-02 07:17:53 +00:00 |
bzbarsky%mit.edu
|
d9f747cca2
|
Add about:license and about:licence and make about: link to them. Bug 256945,
r=gerv, sr=darin
|
2005-01-23 21:02:36 +00:00 |
bsmedberg%covad.net
|
79241940e8
|
Bug 273876 - libxul step 2 (everything through widget, except spidermonkey) r=darin; again, this should not affect non-xulrunner trees.
|
2004-12-09 19:28:35 +00:00 |
timeless%mozdev.org
|
ffa869708f
|
Bug 261339 Setting capability.policy.default.Window.top to noAccess seems to crash mozilla
r=caillon sr=dveditz
|
2004-11-05 16:54:09 +00:00 |
timeless%mozdev.org
|
b405b527b8
|
Bug 267311 netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect") in a XBL constructor make mozilla crash. [@ JS_FrameIterator]
r=dveditz sr=jst
|
2004-11-05 15:25:04 +00:00 |
bzbarsky%mit.edu
|
1f629aef08
|
Make it possible to disable checkloaduri on a per-site basis instead of
disabling it globally. Bug 233108, r=caillon, sr=jst
|
2004-11-03 15:45:52 +00:00 |
jst%mozilla.jstenback.com
|
f97343e1ac
|
Re-enabling the fix for bug 69070 and optimizing some string code in caps that was for sure part of the reason for the Tp regression, and use CheckLoadURIWithPrincipal() to be more correct. r+sr=bzbarsky@mit.edu
|
2004-10-15 16:53:35 +00:00 |
jst%mozilla.jstenback.com
|
08b3a16535
|
Re-enabling the fix for bug 69070 and optimizing some string code in caps that was for sure part of the reason for the Tp regression, and use CheckLoadURIWithPrincipal() to be more correct. r+sr=bzbarsky@mit.edu
|
2004-10-15 16:34:58 +00:00 |
dveditz%cruzio.com
|
e67c6e5dcf
|
Improve enablePrivilege confirmation dialog text and presentation, sanity-check
privilege names (bug 253942, bug 253944) r=caillon,sr=brendan,a=chofmann,mkaply
|
2004-09-01 07:53:32 +00:00 |
cbiesinger%web.de
|
765d4043a5
|
removing myself from DEBUG_CAPS_HACKER list
|
2004-07-10 19:38:28 +00:00 |
roc+%cs.cmu.edu
|
0f4150a4e5
|
Bug 226439. Convert codebase to use AppendLiteral/AssignLiteral/LowerCaseEqualsLiteral. r+sr=darin
|
2004-06-17 00:13:25 +00:00 |
cbiesinger%web.de
|
914def148f
|
fix DEBUG_CAPS_HACKER bustage due to bug 240106
r=caillon sr=darin
|
2004-06-16 15:58:22 +00:00 |
dveditz%cruzio.com
|
e66742e59c
|
bug 162020 option to delay enabling confirmation buttons r=mkaply,sr=sspitzer
|
2004-06-05 09:26:01 +00:00 |
mkaply%us.ibm.com
|
348998da9e
|
#239580
r=danm, sr=dveditz
Extend ConfirmEx to allow setting the default button - change default button for script security to no
|
2004-05-24 13:33:51 +00:00 |
roc+%cs.cmu.edu
|
0e3ff503fb
|
Bug 226439. Convert Seamonkey to EqualsLiteral. rs=darin
|
2004-05-22 22:15:22 +00:00 |
bzbarsky%mit.edu
|
4ede76717e
|
Add a version of CheckLoadURI that takes a source principal instead of a source
URI. Update a bunch of callers to use it. Bug 233108, r=caillon, sr=dveditz
|
2004-04-25 16:55:27 +00:00 |
bryner%brianryner.com
|
642f7ede36
|
deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst.
|
2004-04-18 00:28:47 +00:00 |
gerv%gerv.net
|
9d2ee4928c
|
Bug 236613: change to MPL/LGPL/GPL tri-license.
|
2004-04-17 21:52:36 +00:00 |
cbiesinger%web.de
|
6ad20397bf
|
Bug 235504 Remove nsCString::EqualsWithConversion(const char*)
r=darin sr=dbaron
|
2004-04-14 20:09:30 +00:00 |
jst%mozilla.jstenback.com
|
2ee27045ba
|
Backing out the fix for bug 235457 since it made typing URLs, and autocomplete in the the URL bar not work.
|
2004-03-16 19:06:10 +00:00 |
jst%mozilla.jstenback.com
|
e1913b1f1e
|
Fixing bug 235457. Make new windows opened through window.open be opened on the context of the opener, and make caps not lie about when capabilities are enabled. r=danm-moz@comcast.net, r=caillon@aillon.org, sr=brendan@mozilla.org, a=dbaron@dbaron.org
|
2004-03-16 06:57:54 +00:00 |
cbiesinger%web.de
|
2081246472
|
one more tweak, r=caillon
|
2004-03-06 20:54:47 +00:00 |
cbiesinger%web.de
|
344f084a76
|
making this sound less like it's PSM, rs=caillon
|
2004-03-06 20:47:21 +00:00 |
darin%meer.net
|
c380c59f65
|
landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin
|
2004-02-28 22:34:07 +00:00 |
darin%meer.net
|
f6875e2d3c
|
fixes bug 234916 "Remove global/static NS_NAMED_LITERAL_C?STRING usage [was: Firefox crashes on startup on Mac OS X]" r=jst sr=dbaron
|
2004-02-25 02:08:34 +00:00 |
jst%mozilla.jstenback.com
|
505c634885
|
Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com.
|
2004-02-09 22:48:53 +00:00 |
bsmedberg%covad.net
|
d0f309943a
|
Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
|
2004-01-07 13:37:00 +00:00 |
bsmedberg%covad.net
|
274ef7cd49
|
Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
|
2004-01-07 01:22:31 +00:00 |
neil%parkwaycc.co.uk
|
6394a7f9f8
|
Bug 227758 make subjectPrincipalIsSystem unscriptable and checkSameOriginURI scriptable r=caillon sr=dveditz
|
2003-12-19 21:51:37 +00:00 |
pkw%us.ibm.com
|
56dbd77c06
|
Bug 228095 - AIX: 64-bit build error in nsScriptSecurityManager.cpp
r=caillon@aillon.org, sr=brendan@mozilla.org, a=brendan@mozilla.org
|
2003-12-15 18:16:09 +00:00 |
caillon%returnzero.com
|
c8e5f51fe0
|
227079 - Mozilla asks for security privileges where it shouldn't
Make sure we check signed.applets.codebase_principal_support and special urls before going further.
r=jst sr=bzbarsky a=dbaron
|
2003-12-04 02:14:07 +00:00 |
brendan%mozilla.org
|
7809adca33
|
Fix missing cx param problem (223041, r=caillon, sr=dbaron).
|
2003-11-03 04:26:55 +00:00 |
dbaron%dbaron.org
|
6139d85dae
|
Work around bustage. Temporary fix. b=223041
|
2003-11-02 02:31:53 +00:00 |
caillon%returnzero.com
|
6ea484e8b7
|
Permit content to link to about:logo
Bug 223293; r=timeless sr=jst
|
2003-10-30 01:35:09 +00:00 |
caillon%returnzero.com
|
66caced69a
|
Re-land patch for bug 83536, merging principal objects.
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
|
2003-10-21 22:11:49 +00:00 |
brendan%mozilla.org
|
4878fd7a5e
|
Better version of last change, thanks to caillon for reminding me.
|
2003-09-28 04:55:50 +00:00 |
brendan%mozilla.org
|
3915f74063
|
Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz).
|
2003-09-28 04:44:33 +00:00 |