d2a7c1e86a
Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg
2007-03-27 15:35:02 +00:00
a32fb9b241
Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg
2007-03-27 15:33:45 +00:00
4ebb372bf8
When getting codebase principals, install the passed-in codebase on them even
...
if they come from the hashtable. Bug 269270, r=dveditz, sr=jst.
2007-02-09 04:52:44 +00:00
ec7b93b809
Get the source scheme from the right URI object. Bug 368160, r+sr=dveditz
2007-01-26 04:33:02 +00:00
81cfa9db1e
Make the redirect check get principals the same way we get them elsewhere.
...
Clean up some code to use the new security manager method. Bug 354693,
r=dveditz, sr=sicking
2006-11-22 18:27:54 +00:00
6599170933
Bug 202198: fix possible leak in nsScriptSecurityManager::InitPrefs(), patch by Ryan Jones <sciguyryan+bugzilla@gmail.com>, r+sr=dveditz
2006-11-22 17:22:40 +00:00
abe0665f38
Bug 360840. allocator mismatch in nsIScriptSecurityManager. r=timeless, sr=bz
2006-11-16 18:25:52 +00:00
5abb54c90b
Remove securityCompareURIs() from nsIScriptSecurityManager. Bug 327243, r+sr=jst
2006-11-14 22:46:45 +00:00
142a417a31
Make it possible for protocol handlers to configure how CheckLoadURI should
...
treat them via their protocol flags. Remove the protocol list we used before.
Bug 120373, r=dveditz, sr=darin
2006-11-10 23:49:08 +00:00
c7c2f947bb
Bug 351876 Move nsICryptoHash into necko
...
r=darin
2006-09-15 22:06:31 +00:00
e2524af589
Introduce CheckLoadURIStrWithPrincipal(). Bug 348559, r=dveditz, sr=jst
2006-08-21 22:15:20 +00:00
943d93f1e8
Bug 337223: Don't expose moz-anno protocol to web pages.
...
Patch by brettw
r=jst
sr=bzbarsky
2006-08-18 21:35:16 +00:00
e4c80b6420
Remove special-casing of about:blank for security purposes; give about:blank
...
pages the principal of whoever is responsible for loading them, when possible.
Bug 332182, r=mrbkap, sr=jst
2006-08-15 17:31:16 +00:00
2c27f29b83
bug 340107 save wasted cycles checking permissions if we're just going to deny access anyway. r=mrbkap, sr=sicking
2006-06-27 00:56:41 +00:00
714b309562
Fiox the special-casing for about:blank to deal with it now being
...
moz-safe-about:blank as far as the security manager is concerned. Bug 342108,
r=darin, sr=jst
2006-06-22 02:21:06 +00:00
6c8d302694
Allow about: modules to just set a flag to force script execution to be allowed
...
for particular about: URIs, instead of hardcoding checks in the security
manager. Bug 341313, r=darin, sr=jst
2006-06-22 02:19:49 +00:00
d5968aa228
Make the URIs of principals immutable. Bug 339822, r=dveditz, sr=darin
2006-06-20 03:17:41 +00:00
66d9ce92e5
Save the principal in the session history entry so that reloading a data: URL
...
will do the right thing. Also, change CheckLoadURI to allow null
principals to load things that anyone can load (e.g. http:// URIs). Bug
337260, r=dveditz, sr=jst
2006-06-19 21:08:45 +00:00
64681af28a
Move the safe vs unsafe about: distinction out of the security manager and into
...
nsIAboutModule implementations. Bug 337746, r=dveditz, sr=darin
2006-06-19 21:02:12 +00:00
d5ad1dc2b9
Land DOM_AGNOSTIC3_BRANCH, bug 255942. r=a few people, sr=brendan.
2006-06-13 03:07:47 +00:00
43895f48e7
Checking in Ben Turner <bent.mozilla@gmail.com> and timeless's patch to make Gecko use the JS engine's request model to help multithreaded embedders avoid GC races and crashes. bug 176182, r=mrbkap assumed-rs=brendan
2006-06-12 22:39:55 +00:00
271c305869
Bug 338678: For source compatibility fields "uint16 extra,spare" in JSFunctionSpec are replaced by singe "uint32 extra". In this way we do need to update the current sources that list just 5 fields to include the additional ",0" corresponding to "spare" field. To quell GCC warnings all sources that list less then 5 fields of JSFunctionSpec are updated to explicitly list all 5 fields. r=mrbkap, s=brendan
2006-05-22 22:58:31 +00:00
25f194de58
Make GetOrigin dig into nested URIs. Bug 336303, r=dveditz, sr=jst
2006-05-12 00:05:40 +00:00
422320e643
Create our URIs by hand (since we have our own scheme), instead of going
...
through the ioService. Also fixes some threadsafety stuff. Bug 337513,
r=dveditz, sr=darin.
2006-05-11 16:06:35 +00:00
1fe4516c9f
bug 335180 Remove win32.order, mozilla-bin.order, --enable-reorder, and
...
associated code. These options do not really work anymore.
r=bsmedberg
2006-05-06 17:53:51 +00:00
c85e631ff2
Disable optimization that relies on invariants we don't maintain. Bug 317240
...
wallpaper, r+sr=jst
2006-05-04 15:23:43 +00:00
90953ff01a
Deal with null subject URIs in SecurityCompareURIs. Bug 336432, r=dveditz, sr=jst
2006-05-04 02:29:46 +00:00
e7a84f6ea9
fixes bug 214672 "Further optimization and correctness improvements of libjar: streamlining nsJarInputStream" patch by Alfred Kayser <alfredkayser@nl.ibm.com>, r=jwalden, sr=darin
2006-05-02 19:33:09 +00:00
fca88cd9e1
Add an interface for nested URIs (like jar:, view-source:, etc) to implement
...
and use it in various places. Create null principals if asked for a codebase
principal for a codebase that doesn't have an inherent security context (eg
data: or javascript:). Bug 334407, r=biesi,dveditz, sr=darin
2006-05-02 18:54:19 +00:00
0488da364f
Deal with checkLoadURI better in the face of URI fixup. Bug 334341, r=biesi, sr=dveditz
2006-04-25 03:24:43 +00:00
1a4e0664f9
Check rv before looking at port. Bug 334210, r+sr+branch181=jst
2006-04-17 23:19:44 +00:00
c129f55b78
Allow redirects to data: URIs. Bug 211999, r=dveditz, jruderman; sr=darin
2006-04-17 23:13:33 +00:00
c4ba2c6a58
Fix refcounting bug. Followup to bug 327176; reviews pending.
2006-04-05 16:48:51 +00:00
a8129ca50f
Followup to bug 326506 -- this comment got lost somehow.
2006-04-02 22:00:08 +00:00
3f58349fa0
Init the system principal singleton when we init the security manager -- no
...
need for lazy init here. Bug 327176, r=mrbkap, sr=dveditz
2006-04-02 21:10:23 +00:00
59f912e4ad
Create a powerless non-principal and start using it. Bug 326506, r=mrbkap,
...
sr=dveditz
2006-04-02 20:58:26 +00:00
5521781301
fixes bug 328925 "Replace NS_WARN_IF_FALSE with NS_ASSERTION (where appropriate)" r=dbaron
2006-03-30 18:40:56 +00:00
99bb8c1c9e
Bug 330037 - First check if script/data url's are allowed, r=dveditz, sr=bzbarsky
2006-03-15 11:03:25 +00:00
41e6c02b2f
Remove dependency on nsIClassInfo.h from nsISupports.h (bug 330420). This adds a new nsIClassInfoImpl.h file which can be included to get the CI implementation macros. Also, removes unneeded inclusion of nsIProgrammingLanguage.h from nsIClassInfo.h. r=darin.
2006-03-15 04:59:42 +00:00
3ebe726715
Followup fix for bug 307867 -- make sure to update our pointers to hashtable
...
entries when the entries move. r=dveditz, sr=brendan
2006-02-24 04:38:46 +00:00
a279d689e5
Bug 106386 Correct misspellings in source code
...
r=bernd rs=brendan
2006-02-23 09:36:43 +00:00
2c5f1c1bd7
Make nsIPrincipal and some methods that use it scriptable. Bug 327242, r=jst,
...
sr=dveditz
2006-02-17 16:12:17 +00:00
f29ba2b9fb
Backing out since tree is closed.
2006-02-17 03:33:03 +00:00
2eeb07467d
Make nsIPrincipal and some methods that use it scriptable. Bug 327242, r=jst,
...
sr=dveditz
2006-02-17 03:26:03 +00:00
54eb4ccaac
Remove dead code. Bug 327171, r=mrbkap, sr=shaver
2006-02-14 21:08:15 +00:00
f9eb6120f3
Fix debug code to assert the right thing. r=timeless
2006-02-14 20:20:49 +00:00
38041b1d43
Fix bug 325991 -- spinning event queues requires more care. r=jst, sr=shaver
2006-02-07 22:24:47 +00:00
a898e666b8
bug 183156 remove *UCS2* functions, replacing them with *UTF16* ones
...
r+sr=darin
2006-02-03 14:18:39 +00:00
af27bd0d3c
Fixing tinderbox orange. Make caps work right again when dealing with a script global object that's not a window. r+sr=bzbarsky@mit.edu
2005-11-29 06:00:36 +00:00
7a5af690c6
Fixing bug 316794. Moving HandleDOMEvent() and Get/SetDocShell from nsIScriptGlobalObject to nsPIDOMWindow. r=mrbkap@gmail.com, sr=peterv@propagandism.org
2005-11-28 23:56:44 +00:00
dbaron%dbaron.org
bzbarsky%mit.edu
gavin%gavinsharp.com
sayrer%gmail.com
cbiesinger%web.de
pkasting%google.com
dveditz%cruzio.com
mhammond%skippinet.com.au
mrbkap%gmail.com
igor%mir2.org
darin%meer.net
martijn.martijn%gmail.com
bryner%brianryner.com
timeless%mozdev.org
jst%mozilla.jstenback.com