mstoltz%netscape.com
8b4ac18c14
Bug 136993 - Put the "trusted codebase principals" feature back in.
...
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
mstoltz%netscape.com
03fe97372a
A bunch of fixes in caps:
...
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)
All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
mstoltz%netscape.com
f634fa73d2
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
gerv%gerv.net
11248436dd
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00
gerv%gerv.net
1856815ff1
Oops.
2001-09-20 00:02:59 +00:00
scc%mozilla.org
102170b2a0
bug #98089 : ripped new license
2001-09-19 20:09:47 +00:00
brendan%mozilla.org
dbd7fed5b1
FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver.
2001-07-31 19:05:34 +00:00
mstoltz%netscape.com
e0fc50a6d4
Fixes for 32878, 37739. Added PR_CALLBACK macros. Changed security.principal pref syntax to a nicer syntax. Removed "security.checkxpconnect" hack.
2000-05-16 03:40:51 +00:00
mstoltz%netscape.com
9bb975256e
Fixes for 27010, 32878, and 32948.
2000-04-26 03:50:07 +00:00
mstoltz%netscape.com
57feeae5ec
Backing out changes until I can figure out why it's crashing on startup.
2000-04-23 21:25:39 +00:00
mstoltz%netscape.com
62bffdd26e
Fixes for bugs 27010, 32878, 32948.
2000-04-23 20:30:29 +00:00
norris%netscape.com
2b4b436f5f
Fix 25062 Reload vulnerability
...
25206 Reload vulnerability #2
Implement grant dialogs and persistence for capabilities.
most r=mstoltz, some code from morse w/ r=norris
2000-02-10 04:56:56 +00:00
mstoltz%netscape.com
5014545a00
Implemented the reading of capabilities data from prefs. Reads codebase and certificate principal data and populates ScriptSecurityManager's principals table. bug= 18122 r=norris, rginda
2000-01-18 21:54:01 +00:00
jdunn%netscape.com
cb0c532e85
Fix base class specifiers, since be default if they aren't specified it is Private
...
# 23237
r= warren@netscape.com , ftang@netscape.com , jband@netscape.com
2000-01-11 01:45:34 +00:00
norris%netscape.com
7cd400a26f
* Fix the following bugs by tightening the default security policy.
...
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com
* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
dmose%mozilla.org
142ac52eaf
updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org
1999-11-06 03:43:54 +00:00
norris%netscape.com
ec9d253f50
Add all-powerful system principals. Remove some dead code from the build.
1999-09-01 00:54:35 +00:00
norris%netscape.com
d8507f844e
* clean up nsScriptSecurityManager
...
* remove nsJSSecurityManager
* save principals in nsIChannels and nsIDocuments
1999-08-29 21:58:42 +00:00
mccabe%netscape.com
84982717ce
Spam caps subtree to replace declarations of IDL-defined interface methods in implementation classes with xpidl-generated NS_DECL_NSIFOO macro.
1999-08-21 20:22:27 +00:00
arielb%netscape.com
1b252b2e3b
includes updates to codbase matching security checks currently turned off
...
but in place. redefined the script security manager in caps and it is
now generating codebase principals.
1999-08-20 09:51:02 +00:00
arielb%netscape.com
a1d83223f4
added a new and improved factory to caps module. fixed some bugs and
...
cleared some warnings. also move some methods of privilege manager to
principal manager.
1999-08-06 22:44:35 +00:00
arielb%netscape.com
0d16b83058
add a principal manager to caps api. everything is now xpidled so
...
i removed the public directory from the module.
1999-08-01 21:26:02 +00:00
arielb%netscape.com
8dad60d09d
Fix to the caps security module. I removed the nsPrincipal struct, from now
...
on you can access principals by their xpcomed interface nsIPrincipal.
1999-07-24 03:58:23 +00:00
arielb%netscape.com
587d04c222
idled principals interfaces and some fixes to caps manager...
1999-07-16 20:31:18 +00:00