gecko-dev

Граф коммитов

Автор	SHA1	Сообщение	Дата
norris%netscape.com	2b4b436f5f	Fix 25062 Reload vulnerability 25206 Reload vulnerability #2 Implement grant dialogs and persistence for capabilities. most r=mstoltz, some code from morse w/ r=norris	2000-02-10 04:56:56 +00:00
mstoltz%netscape.com	5014545a00	Implemented the reading of capabilities data from prefs. Reads codebase and certificate principal data and populates ScriptSecurityManager's principals table. bug= 18122 r=norris, rginda	2000-01-18 21:54:01 +00:00
warren%netscape.com	7d4fa072a5	Fix for leak/bloat stats going negative. a=jar	1999-12-10 04:27:52 +00:00
norris%netscape.com	7cd400a26f	* Fix the following bugs by tightening the default security policy. 17977 [DOGFOOD] Reading documents using document.body 17538 document.lastModified is exposed 17537 document.images vulnerabilities 16036 [DOGFOOD] document.Element exposes the DOM of documents from 15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen 15550 Injecting text in documents from any domain using createText 15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary * Create an array of dom property policy types and initialize it when the script security manager is created. * Move some implementation code to a new shared implementation base class. * Implement privilege enabling, disabling and reverting * Implement stack walking for checking privileges. r=mstoltz@netscape.com * Modify nsIPref to support security policy work. r=neeti@netscape.com	1999-11-11 22:10:36 +00:00

4 Коммитов