c5e8f896cd
166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com
2002-09-07 17:13:19 +00:00
1cc752dbaf
Make anonymous content inaccessible to web content (bug 164086), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-29 04:05:39 +00:00
e6efe12743
Backing out jkeiser's checkin for bug 164086 (not bug 96537) because he
...
left a file out, and the tree turned red....
2002-08-28 10:13:28 +00:00
f9f5ddfac8
Make anonymous content inaccessible to web content (bug 96537), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-28 08:19:43 +00:00
a65ab30704
Fix bug 159889: replace the hardcode of "@mozilla.org/preferences;1" with NS_PREF_CONTRACTID
...
Patch by leon.zhang@sun.com
r=Henry, sr=alecf
2002-08-19 04:29:58 +00:00
8ae6c40f5d
Removing old nmake build makefiles. Bug #158528 r=pavlov
2002-08-10 07:55:43 +00:00
d62393acda
5th patch for bug 158080
...
Description: replace the hardcode of @mozilla.org/embedcomp/window-watcher;1 with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 06:32:02 +00:00
b2160d158c
Use principals instead of URIs for same-origin checks.
...
b=159348, r=bz, sr=jst, a=asa
2002-07-30 21:26:32 +00:00
5bd0d2e2f1
Bug 154930 - If one page has explicitly set document.domain and another has not,
...
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
2002-07-09 00:10:02 +00:00
d3d63601cf
Disable script on the requested docshell and the containing docshells. b=154647, r=mstoltz, sr=jst
2002-07-02 23:26:08 +00:00
c55abc30d5
Bug 152725 - Get URL passed to cookie module from document principal, not document URL.
...
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
2002-07-02 17:58:24 +00:00
7be79a0d54
Backing out my checkin to see if it fixes the Txul breakage
2002-06-27 23:32:51 +00:00
eff7c1ce17
** checking in for mstoltz **
...
Disable scripts on the requested docshell and containing docshells. Also, made setCurrentURI() scriptable ( approved by Adam Lock ). b=154647, r=harishd, sr=jst
2002-06-27 20:58:42 +00:00
76d3ee501f
133170 - Need to re-check host for security on a redirect after a call to
...
XMLHttpRequest.open(). For xmlextras, r=heikki, sr=jband. For caps,
r=bzbarsky, sr=jst
147754 - Add same-origin check to XMLSerializer. Patch by jst. r=mstoltz,
sr=jband
113351 - Add same-origin check to XSL Include. Patch by peterv and jst,
r=mstoltz, sr=rpotts
135267 - Add same-origin check to stylesheets included via LINK tags.
r=dveditz, sr=scc
2002-06-14 23:54:18 +00:00
e96df2ad1b
Fixes mozilla/strings requiring unfrozen nsCRT class. patch by scc, r=dougt, sr=jag, b=136756
2002-05-15 18:55:21 +00:00
f43dfb75ba
fixes bug 142870 "nsIFile should use UCS-2 instead of UTF-8"
...
r=dougt sr=alecf
2002-05-07 23:07:19 +00:00
09cdc7f458
[Chrome FastLoad]
...
Ensure that principals are written as Compound Objects using |WriteCompoundObject|, not using |WriteObject|
r=mstoltz, sr=brendan
2002-05-03 03:00:46 +00:00
1b1677bbe9
fixes bug 129279 "nsIFile unicode/utf8/ascii task"
...
r=dougt sr=alecf
2002-04-27 05:33:09 +00:00
1163f76b50
Bug 136993 - Put the "trusted codebase principals" feature back in.
...
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
0de3da6d32
fixes bug 134546 "Memory leak in nsScriptSecurityManager::GetBaseURIScheme()"
...
patch=pj@ludd.luth.se , r=mstoltz, sr=darin, a=rjesup@wgate.com
2002-04-03 20:23:57 +00:00
310147212f
A bunch of fixes in caps:
...
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)
All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
fc883176bf
Bug 106386 rid source of misspellings
...
r=db48x sr=blake a=asa
2002-03-19 04:30:17 +00:00
f4fdfbb122
fix bug 129635 - write a destructor for DomainPolicy so that the hashtable is destroyed
...
(and not leaked!)
r=mstoltz, sr=vidur, a=asa
2002-03-10 00:41:08 +00:00
6c79c65bef
Bug 129503, "IsCapabilityEnabled should return PR_TRUE if no script on stack"
...
sr=brendan, r=mstoltz, a=asa
If the js stack has no principals on it, return PR_TRUE from IsCapabilityEnabled
. Currently, the only time we'd have a stack devoid of principals is when all f
unctions are native. If this assumption changes, this may need to be revisited
(depending on what it would mean to be a compiled script without a principal.)
2002-03-08 02:20:55 +00:00
026dda9f95
fixes bug 124042 "support internationalized URIs" r=dougt, sr=alecf, a=asa
2002-03-06 07:48:55 +00:00
b103d141c4
remove stale DEBUG_jband block. rs=jband a=dbaron
2002-03-05 08:02:05 +00:00
5db3c92b53
Bug 127938 - chrome scripts should be exempt from the security check put in for
...
bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
2002-02-28 00:22:59 +00:00
c9cc21b1f1
partially backing out my last change - weird dependency problem
2002-02-26 05:28:26 +00:00
7b15894b8c
32571, present confirmation dialog before allowing scripts to close windows.
...
105050, pass null window.opener when opener is a mail window.
both r=heikki, sr=jst, a=asa.
Backed out previously because of tinderbox problem, which should be fixed now.
2002-02-26 04:50:21 +00:00
f12221c4d5
Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com
2002-02-20 05:51:05 +00:00
93709bacaa
eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan
2002-02-19 07:36:56 +00:00
dbe661a6ae
Backing out mstoltz. r=dbaron,jrgm
2002-02-19 04:06:53 +00:00
7446e86422
Bug 105050 - return null window.opener to scripts if opener is a mail window.
...
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.
2002-02-19 01:09:45 +00:00
476bcbf436
OS/2 bustage - callback needs to be in header
2002-02-13 13:30:06 +00:00
13c8dad931
Bug 119646 - Rewrite of the security manager policy database for improved
...
performance. r=jst, sr=jband.
2002-02-13 04:20:46 +00:00
634e2f6f0c
one more part of fix for bug 107575, including the much coveted whitespace
...
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
d285f8f560
Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson
2002-01-30 21:14:20 +00:00
874c54280c
Landing the rest of the win32 gmake changes:
...
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup
Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
6ab111155d
Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf
2001-12-16 11:58:03 +00:00
45defae20a
Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst.
2001-12-12 04:43:35 +00:00
b4f1e83674
Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser
2001-12-11 04:54:47 +00:00
2d15ad27bc
Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser.
2001-12-10 20:25:12 +00:00
ed6ab111b7
Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
...
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
f92134404a
trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband
2001-11-22 23:26:34 +00:00
35a301d30e
Fixing mac debug bustage. Patch suggested by jst, sr=jst.
2001-11-16 10:50:33 +00:00
144ebd46ff
Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
...
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
261f76a8ba
Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052
2001-11-07 06:24:10 +00:00
c79715ed1b
Backing out fix for remote mach-o builds as it left mach-o builds fragile.
...
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
6daf60f372
Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
...
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
fd8c486c4a
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
39857aa5c7
Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc
2001-10-25 06:13:52 +00:00
5d3ba9e8a4
Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf.
2001-10-22 20:54:48 +00:00
da7e1268bd
nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163
2001-10-19 20:52:59 +00:00
c578c92399
Make CAPS correctly observe changes to capability.policy prefs. Needed
...
for having UI for these suckers. Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
fdc4078bc4
Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc
2001-09-29 08:28:41 +00:00
2cab766559
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00
2a80f3fea9
Oops.
2001-09-20 00:02:59 +00:00
63e86dc84f
bug #98089 : ripped new license
2001-09-19 20:09:47 +00:00
e25262c61f
One module per line for REQUIRES. r=/sr=alecf
2001-09-18 22:01:13 +00:00
3826eb9902
Bug 73353: splitting the modules on the REQUIRES lines in Makefile.in across multiple lines to more clearly show the changes made. sr=alecf
2001-09-18 13:41:47 +00:00
e5cc5abd22
Add REQUIRES to many modules for win32 support, bug 98372 r=cls
2001-09-12 20:32:40 +00:00
a5cb743964
attempt to fix HP-UX and and some other Unix bustages. r=cls
2001-08-29 07:24:39 +00:00
cf70c6ad6d
bug 86799, adding support for wildcard security policies of the form
...
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.
2001-08-29 02:05:48 +00:00
716f9f4695
Replace uses of deprecated NS_IMPL_ISUPPORTS and NS_IMPL_QUERYINTERFACE macros with NS_IMPL_{ISUPPORTS,QUERYINTERFACE}{1,0}. r=jag rs=brendan b=45797
2001-08-21 01:48:11 +00:00
c94cd95c3c
Project cleanup, rs=scc. Don't link with OJI, which is a component.
2001-08-15 23:09:21 +00:00
8405a1984e
Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions.
...
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org
2001-08-14 07:59:59 +00:00
70f0d46fbc
86984 - make history.length sameOrigin-accessible. Security prefs change.
...
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst
2001-08-14 00:18:58 +00:00
138a297e1f
Shrink principals struct back to where it was last week -- but it could go further (93043, r=shaver, sr=jst).
2001-08-09 01:15:57 +00:00
1fc1c5e630
I'm such a C luddite.
2001-08-07 04:45:27 +00:00
01289b3afb
Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst).
2001-08-07 03:59:29 +00:00
d3319276da
82495 - Support for the view-source protocol in CheckLoadURI
...
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt
2001-08-02 20:32:48 +00:00
8c7c819206
FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver.
2001-07-31 19:05:34 +00:00
c14d9c09a1
Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa
2001-07-25 07:54:28 +00:00
4d73a251ab
Bug 73353: clean up the REQUIRES lines in Makefiles.
2001-07-23 22:36:12 +00:00
bf82abfd11
Header include dependency cleanup. b=64023 r=jag rs=brendan
2001-07-16 02:40:48 +00:00
50f00fbc78
Bug 77485 - defining a function in another window using a targeted javascript:
...
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
03ab87e4a1
Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc.
...
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.
nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)
2001-06-30 11:02:25 +00:00
0f456dda65
86019 - Change stack-walking code in caps to keep functions from inheriting privileges
...
from their caller. r=jesse@netscape.com , sr=jst@netscape.com , a=asa@mozilla.org , PDT+
86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com
84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com , sr=sfraser@netscape.com , a=asa@mozilla.org
2001-06-22 02:08:10 +00:00
0877b1a573
Land STATIC_BUILD_20010612_BRANCH, which supports building mozilla with components statically linked into the executable, as well as 'meta modules' that combine components into uber-DLLs.
2001-06-20 20:21:49 +00:00
688519fb0c
Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa
2001-06-20 03:27:48 +00:00
2e8b3e9481
bug #85271 : sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process.
2001-06-17 05:23:38 +00:00
00ba04ac0e
bug 77485 - exploit inserting a function into another window using targeted
...
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.
2001-05-30 02:22:22 +00:00
a86397a93a
PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org
2001-05-23 22:06:43 +00:00
edf3f8a6e9
Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst.
2001-05-19 00:33:51 +00:00
e1e5c32a99
Back out mstoltz because of blocker bug #81629 . Original bugs were 47905 79775.
2001-05-18 17:41:23 +00:00
201736a175
Bug 47905 - adding security check for XMLHttpRequest.open.
...
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com , sr=jst@netscape.com
Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com , sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
822c76926e
Fixing bug 78831 - treat chrome and resource URLs the same in the
...
URL loading check and give them access to each other. r=pavlov,
sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.
2001-05-15 22:47:21 +00:00
cbe1b93f17
*** empty log message ***
2001-05-15 06:43:12 +00:00
a2efeb43e7
bug 79445, fixing crash with some event handlers (null pointer dereference)
...
r/sr=brendan@mozilla.org . Also fixed a typo in prefs that would have reopened
bug 56009.
2001-05-15 04:44:54 +00:00
f2b3d870ba
bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan.
2001-05-11 00:53:21 +00:00
d0f2b845b9
Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,
...
sr=brendan@mozilla.org
2001-05-11 00:43:27 +00:00
d9fefe861d
more REQUIRES bustage fixing for senna; unicharutil dependency has been introduced because caps wants nsIDocShell which wants nsIPresContext
2001-05-10 18:48:46 +00:00
61f5b1d1a1
Temporary workaround for the composer and other related problems caused by security manager problems, change by mstoltz@netscape.com, r=jst@netscape.com
2001-05-09 02:53:46 +00:00
adf1d8320a
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
df1a6e78a8
Bug 78745 - nsIPromptService::ConfirmEx needs to be more flexible. r=valeski, sr=sfraser
2001-05-06 15:03:55 +00:00
d5bd552195
Check in for Ron Guilmette. r=shaver, sr=waterson. For intl r=nhotta. Changes for NS_IMPL_NSGETMODULE. bug #46775 .
2001-05-05 05:33:37 +00:00
1e48cea7cc
#76913
...
r=mstoltz, sr=brendan
Fix some calling convention - PR_ to JS_
2001-05-02 00:02:59 +00:00
25c6dc1c7e
Set EXPORT_LIBRARY=1 in all pertinent Makefile.ins. Allows us to build the final link list as we traverse the tree. Bug #46775
2001-04-28 19:48:12 +00:00
9e8d80d70f
mozilla diffs r=tao, sr=alecf, commercial diffs r=syd, sr=syd/shaver. lower-casing JS calls to createBundle. removing un-used nsILocale param from nsIStringBundle::CreateBundle(). 76332
2001-04-27 21:30:24 +00:00
5e35cbdbc0
Backing out valeski
2001-04-27 05:53:22 +00:00
def10e77f9
mozilla tree r=tao, sr=alecf. commercial tree r=syd, sr=syd/shaver. lowercasing the first char in JS method calls to createBundle. removing the dead locale parameter in the CreateBundle() method call. 76332
2001-04-27 04:16:22 +00:00
19dccef1bc
Prefs API refactoring. Bug #46863 . r=valeski, sr=alecf.
2001-04-26 18:41:11 +00:00
fad24de4ee
Bug 46859 - Remove UniversalDialog. r=valeski/sr=rpotts,sfraser/a=blizzard
2001-04-21 00:26:18 +00:00
cbc8cea88c
Backing out bnesse's fix for bug 46863 due to numerous types of runtime bustage on linux and windows. a=brendan.
2001-04-20 06:45:56 +00:00
6a048b1a8f
Landing PrefAPI refactoring bug 46863. r=valeski, sr=alecf, a=blizzard.
2001-04-19 22:21:39 +00:00
c302defdcd
More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538).
...
r=beard, sr=hyatt
2001-04-17 01:21:44 +00:00
1f23f5941d
Fix leaks of global objects. b=76091 r=mstoltz@netscape.com sr=hyatt@netscape.com
2001-04-17 00:12:28 +00:00
e2dc3d6d88
75152: Remove GetVersionNumber stub in favour of upcoming, less-invasive
...
preloader strategy. r=jag, sr=attinasi.
2001-04-11 14:23:13 +00:00
748e1ece2f
Clean up MODULE/REQUIRES, bug=73353, r=cls
2001-04-08 08:33:11 +00:00
60d5b49964
Fix MOZ_TRACK_MODULE_DEPS (senna tinderbox) bustage by adding new header file dependencies to REQUIRES.
2001-04-07 04:29:01 +00:00
378b2f48b9
removing use of nsNetSupportDialog. bug 72112 continued. r=hyatt,morse,mstoltz,various
2001-04-07 03:33:56 +00:00
3e31ab9946
65845 - new order files
2001-04-05 06:02:32 +00:00
c1ce80ae83
preloader update. r=peterl, sr=attinasi
2001-04-03 22:58:59 +00:00
96f5f6cf31
Add "gfx2" and "imglib2" to REQUIRES lines in Makefile.in for MOZ_TRACK_MODULE_DEPS builds (e.g. senna)
2001-03-30 10:39:06 +00:00
812a462213
Fix MOZ_TRACK_MODULE_DEPS bustage
2001-03-23 08:44:39 +00:00
9149e8b0b4
Fix MOZ_TRACK_MODULE_DEPS bustage.
2001-03-23 08:16:59 +00:00
b26a1f0451
Bugs 55069, 70951 - JS-blocking APIs for mailnews and embedding. r=mscott, sr=attinasi.
...
Bug 54237 - fix for event-capture bug, r=heikki, sr=jband.
2001-03-23 04:22:56 +00:00
de8b54d4c3
Fix 49334: gopher support, minor restructuring of directory viewer. necko: r=darin,dougt sr=rpotts other: r=waterson,mstoltz,jag sr=alecf
...
Fix 70404: assertions or datetime and finger. r=dougt, sr=rpotts
Both patches by Bradley Baetz (bbaetz@cs.mcgill.ca )
2001-03-14 02:42:39 +00:00
1b42d68e45
71057 sr=waterson new order files. NOT PART OF THE REGULAR BUILD
2001-03-13 10:47:37 +00:00
a8e9bc5bd5
sr=rpotts, r=gagan. 70743. switching over to new extensible URI::SchemeIs() api
2001-03-13 02:02:05 +00:00
b02946cae2
Adding aim protocol to the list. No Specific bug number. r=syd. sr=mstoltz
2001-03-07 05:58:45 +00:00
4122626e4f
Switch from NS_STATIC_CAST to NS_REINTERPRET_CAST to fix bustage on Mac. r=mstoltz
2001-03-02 01:13:35 +00:00
6672d1a27a
bug 47905, adding security check to XMLHttpRequest.open(). r=heikki, sr=brendan
2001-03-02 00:09:20 +00:00
5184a7104b
# 65845 sr=waterson, new order files will greatly reduce the number of link warnings.
2001-02-27 04:38:19 +00:00
407dac60d8
bug 63451 - moved signature verification functions from nsIZipReader to nsIJAR. r=sgehani, sr=shaver
2001-02-23 00:15:04 +00:00
744785129a
Mass REQUIRES update to synch up with string lib and xul changes in an attempt to fix senna bustage. r=jst, sr=cls
2001-02-22 09:35:51 +00:00
8720e0c142
Bug 66331, nsCodebasePrincipal::GetOrigin needs to specify the port
...
if nonstnandard. Fixes a bug in LiveConnect. r=dougt, sr=jband.
2001-02-14 00:27:34 +00:00
343dcec924
65845 First cut of the order files
2001-02-13 02:34:59 +00:00
234eb9d4b5
fix for bug #63466 , r=mstoltz, sr=brendan, a=leaf
2001-02-12 07:47:28 +00:00
cded3e2f30
Optimization for scheme comparison of URIs. See bug 66577 for details. r=darin, sr=brendan@mozilla.org
2001-01-31 01:33:03 +00:00
d1ff4c4a38
Bug 66369, adding support for per-file permissions granting to caps. r=jst, sr=jband.
2001-01-27 01:42:20 +00:00
3c4d17f118
Removing .cvsignore file so this directory will go away. Not part of build.
2000-12-28 21:08:29 +00:00
e383c347e4
fix bug 55506. If seman was initialized too early then it was failing to register its nameset. This happened on first run when JS Component Loader would use the secman. The result was that all calls to the security manager via JavaScript would fail for that session. This fixes that by continuing to try to register the nameset until it actually succeeds. r=mstoltz a=brendan
2000-11-30 05:32:08 +00:00
8bd122b3d5
Resurrect REQUIRES so that we have some sort of means to track intermodule dependencies. Bug #59454 r=blizzard@mozilla.org
2000-11-20 07:16:06 +00:00
d932c515d5
Make nsDestroyJSPrincipals stop confusing the leak stats by calling AddRef, but not when the refcount is 0. r=mstoltz@netscape.com sr=brendan@mozilla.org b=59135
2000-11-08 03:06:57 +00:00
3161a54c16
Fixing bugscape 3109, LiveConnect exploit. sr=jband, brendan.
...
Fixing 58021, exploit in "open in new window," bug 55237. sr=brendan
2000-11-07 01:14:08 +00:00
0caa769ac2
Bug 57937, signed frames denied access to unsigned frames. r=mccabe, sr=brendan
2000-10-30 20:05:07 +00:00
4189314fdb
Bug 47207. Backing out logging/PRINTF changes until we can fix stopwatch.h, introduce double parens, etc.
2000-10-28 22:17:53 +00:00
6e35f97e31
Bug 47207. Changing printf to PRINTF to use new logging facility. r=valeski,sr=waterson
2000-10-27 22:43:51 +00:00
4b5a54deb0
Bug #48403 --> don't allow JS running in a mailnews sand box to change the name of it's containing iframe.
...
this code was contributed by mstoltz.
r=beard, sr=mscott
2000-10-24 00:52:02 +00:00
87208694ab
Bug 13871: Prevent frameset spoofing r=mstoltz, sr=mscott, a=rpotts
2000-10-19 10:25:49 +00:00
99a2b79580
Fixing 56009, exploit allowing XPConnect access. r,a=hyatt, sr=scc
2000-10-13 22:59:47 +00:00
940c5078d1
Fixing 52497, security problem in document.implementation, r=jst a=brendan
2000-09-20 23:38:28 +00:00
075350b1c8
Landing jar packaging from jar_restructuring_branch. r=hyatt,dprice,sfraser,dveditz,vishy,sgehani
2000-09-20 19:35:24 +00:00
c53517dae2
fix memory corruption bug 52382. r=mstoltz
2000-09-14 08:48:53 +00:00
6cc70ebd6c
Bug 37275, Changing value of all progids, and changing everywhere a progid
...
is mentioned to mention a contractid, including in identifiers.
r=warren
2000-09-13 23:57:52 +00:00
3ebb4117a1
Fix warning which requires a return value from functions
...
r= brendan@mozilla.org scc@mozilla.org
#= 52254
2000-09-13 11:29:18 +00:00
397dd0a60e
bug 44147, caps grant dialog now being created from DOMWindow->GetPrompter instead of nsIPrompt service. r=dbragg
2000-09-09 00:53:21 +00:00
586719c321
bug 50304, adding "static" to security policy struct, should save some memory and time. r=rogerl
2000-09-07 19:03:23 +00:00
5e20db47e1
more GCC fixes
2000-09-03 06:41:18 +00:00
dougt%netscape.com
jkeiser%netscape.com
bbaetz%student.usyd.edu.au
henry.jia%sun.com
seawood%netscape.com
sicking%bigfoot.com
mstoltz%netscape.com
harishd%netscape.com
darin%netscape.com
ben%netscape.com
timeless%mac.com
alecf%netscape.com
rginda%netscape.com
jband%netscape.com
jst%netscape.com
cathleen%netscape.com
mcafee%netscape.com
mkaply%us.ibm.com
sfraser%netscape.com
jaggernaut%netscape.com
ccarlen%netscape.com
peterv%netscape.com
dbaron%fas.harvard.edu
bnesse%netscape.com
bzbarsky%mit.edu
gerv%gerv.net
scc%mozilla.org
cls%seawood.org
brendan%mozilla.org
waterson%netscape.com
ddrinan%netscape.com
blizzard%redhat.com
dmose%netscape.com
kandrot%netscape.com
valeski%netscape.com
bryner%uiuc.edu
shaver%mozilla.org
disttsc%bart.nl
danm%netscape.com
dprice%netscape.com
rickg%netscape.com
blakeross%telocity.com
suresh%netscape.com
beard%netscape.com
gagan%netscape.com
warren%netscape.com
mscott%netscape.com
pollmann%netscape.com
rayw%netscape.com
jdunn%netscape.com