Граф коммитов

435 Коммитов

Автор SHA1 Сообщение Дата
jaggernaut%netscape.com 39857aa5c7 Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc 2001-10-25 06:13:52 +00:00
bnesse%netscape.com 5d3ba9e8a4 Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf. 2001-10-22 20:54:48 +00:00
dougt%netscape.com da7e1268bd nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163 2001-10-19 20:52:59 +00:00
bzbarsky%mit.edu c578c92399 Make CAPS correctly observe changes to capability.policy prefs. Needed
for having UI for these suckers.  Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
jaggernaut%netscape.com fdc4078bc4 Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc 2001-09-29 08:28:41 +00:00
gerv%gerv.net 2cab766559 License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/. 2001-09-25 01:03:58 +00:00
gerv%gerv.net 2a80f3fea9 Oops. 2001-09-20 00:02:59 +00:00
scc%mozilla.org 63e86dc84f bug #98089: ripped new license 2001-09-19 20:09:47 +00:00
jaggernaut%netscape.com e25262c61f One module per line for REQUIRES. r=/sr=alecf 2001-09-18 22:01:13 +00:00
jaggernaut%netscape.com 3826eb9902 Bug 73353: splitting the modules on the REQUIRES lines in Makefile.in across multiple lines to more clearly show the changes made. sr=alecf 2001-09-18 13:41:47 +00:00
alecf%netscape.com e5cc5abd22 Add REQUIRES to many modules for win32 support, bug 98372 r=cls 2001-09-12 20:32:40 +00:00
jband%netscape.com a5cb743964 attempt to fix HP-UX and and some other Unix bustages. r=cls 2001-08-29 07:24:39 +00:00
mstoltz%netscape.com cf70c6ad6d bug 86799, adding support for wildcard security policies of the form
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.
2001-08-29 02:05:48 +00:00
dbaron%fas.harvard.edu 716f9f4695 Replace uses of deprecated NS_IMPL_ISUPPORTS and NS_IMPL_QUERYINTERFACE macros with NS_IMPL_{ISUPPORTS,QUERYINTERFACE}{1,0}. r=jag rs=brendan b=45797 2001-08-21 01:48:11 +00:00
sfraser%netscape.com c94cd95c3c Project cleanup, rs=scc. Don't link with OJI, which is a component. 2001-08-15 23:09:21 +00:00
cls%seawood.org 8405a1984e Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions.
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org
2001-08-14 07:59:59 +00:00
mstoltz%netscape.com 70f0d46fbc 86984 - make history.length sameOrigin-accessible. Security prefs change.
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst
2001-08-14 00:18:58 +00:00
brendan%mozilla.org 138a297e1f Shrink principals struct back to where it was last week -- but it could go further (93043, r=shaver, sr=jst). 2001-08-09 01:15:57 +00:00
brendan%mozilla.org 1fc1c5e630 I'm such a C luddite. 2001-08-07 04:45:27 +00:00
brendan%mozilla.org 01289b3afb Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst). 2001-08-07 03:59:29 +00:00
mstoltz%netscape.com d3319276da 82495 - Support for the view-source protocol in CheckLoadURI
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt
2001-08-02 20:32:48 +00:00
brendan%mozilla.org 8c7c819206 FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver. 2001-07-31 19:05:34 +00:00
jaggernaut%netscape.com c14d9c09a1 Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa 2001-07-25 07:54:28 +00:00
jaggernaut%netscape.com 4d73a251ab Bug 73353: clean up the REQUIRES lines in Makefiles. 2001-07-23 22:36:12 +00:00
dbaron%fas.harvard.edu bf82abfd11 Header include dependency cleanup. b=64023 r=jag rs=brendan 2001-07-16 02:40:48 +00:00
mstoltz%netscape.com 50f00fbc78 Bug 77485 - defining a function in another window using a targeted javascript:
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
jaggernaut%netscape.com 03ab87e4a1 Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc.
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.

nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)
2001-06-30 11:02:25 +00:00
mstoltz%netscape.com 0f456dda65 86019 - Change stack-walking code in caps to keep functions from inheriting privileges
from their caller. r=jesse@netscape.com, sr=jst@netscape.com, a=asa@mozilla.org, PDT+

86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com

84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com, sr=sfraser@netscape.com, a=asa@mozilla.org
2001-06-22 02:08:10 +00:00
waterson%netscape.com 0877b1a573 Land STATIC_BUILD_20010612_BRANCH, which supports building mozilla with components statically linked into the executable, as well as 'meta modules' that combine components into uber-DLLs. 2001-06-20 20:21:49 +00:00
dbaron%fas.harvard.edu 688519fb0c Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa 2001-06-20 03:27:48 +00:00
scc%mozilla.org 2e8b3e9481 bug #85271: sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process. 2001-06-17 05:23:38 +00:00
mstoltz%netscape.com 00ba04ac0e bug 77485 - exploit inserting a function into another window using targeted
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.
2001-05-30 02:22:22 +00:00
ddrinan%netscape.com a86397a93a PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org 2001-05-23 22:06:43 +00:00
mstoltz%netscape.com edf3f8a6e9 Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst. 2001-05-19 00:33:51 +00:00
blizzard%redhat.com e1e5c32a99 Back out mstoltz because of blocker bug #81629. Original bugs were 47905 79775. 2001-05-18 17:41:23 +00:00
mstoltz%netscape.com 201736a175 Bug 47905 - adding security check for XMLHttpRequest.open.
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com, sr=jst@netscape.com

Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com, sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
mstoltz%netscape.com 822c76926e Fixing bug 78831 - treat chrome and resource URLs the same in the
URL loading check and give them access to each other. r=pavlov,
 sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.
2001-05-15 22:47:21 +00:00
mstoltz%netscape.com cbe1b93f17 *** empty log message *** 2001-05-15 06:43:12 +00:00
mstoltz%netscape.com a2efeb43e7 bug 79445, fixing crash with some event handlers (null pointer dereference)
r/sr=brendan@mozilla.org. Also fixed a typo in prefs that would have reopened
bug 56009.
2001-05-15 04:44:54 +00:00
mstoltz%netscape.com f2b3d870ba bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan. 2001-05-11 00:53:21 +00:00
mstoltz%netscape.com d0f2b845b9 Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,
sr=brendan@mozilla.org
2001-05-11 00:43:27 +00:00
dmose%netscape.com d9fefe861d more REQUIRES bustage fixing for senna; unicharutil dependency has been introduced because caps wants nsIDocShell which wants nsIPresContext 2001-05-10 18:48:46 +00:00
jst%netscape.com 61f5b1d1a1 Temporary workaround for the composer and other related problems caused by security manager problems, change by mstoltz@netscape.com, r=jst@netscape.com 2001-05-09 02:53:46 +00:00
jst%netscape.com adf1d8320a Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com. 2001-05-08 16:46:42 +00:00
ccarlen%netscape.com df1a6e78a8 Bug 78745 - nsIPromptService::ConfirmEx needs to be more flexible. r=valeski, sr=sfraser 2001-05-06 15:03:55 +00:00
kandrot%netscape.com d5bd552195 Check in for Ron Guilmette. r=shaver, sr=waterson. For intl r=nhotta. Changes for NS_IMPL_NSGETMODULE. bug #46775. 2001-05-05 05:33:37 +00:00
mkaply%us.ibm.com 1e48cea7cc #76913
r=mstoltz, sr=brendan
Fix some calling convention - PR_ to JS_
2001-05-02 00:02:59 +00:00
cls%seawood.org 25c6dc1c7e Set EXPORT_LIBRARY=1 in all pertinent Makefile.ins. Allows us to build the final link list as we traverse the tree. Bug #46775 2001-04-28 19:48:12 +00:00
valeski%netscape.com 9e8d80d70f mozilla diffs r=tao, sr=alecf, commercial diffs r=syd, sr=syd/shaver. lower-casing JS calls to createBundle. removing un-used nsILocale param from nsIStringBundle::CreateBundle(). 76332 2001-04-27 21:30:24 +00:00
sfraser%netscape.com 5e35cbdbc0 Backing out valeski 2001-04-27 05:53:22 +00:00
valeski%netscape.com def10e77f9 mozilla tree r=tao, sr=alecf. commercial tree r=syd, sr=syd/shaver. lowercasing the first char in JS method calls to createBundle. removing the dead locale parameter in the CreateBundle() method call. 76332 2001-04-27 04:16:22 +00:00
bnesse%netscape.com 19dccef1bc Prefs API refactoring. Bug #46863. r=valeski, sr=alecf. 2001-04-26 18:41:11 +00:00
ccarlen%netscape.com fad24de4ee Bug 46859 - Remove UniversalDialog. r=valeski/sr=rpotts,sfraser/a=blizzard 2001-04-21 00:26:18 +00:00
bryner%uiuc.edu cbc8cea88c Backing out bnesse's fix for bug 46863 due to numerous types of runtime bustage on linux and windows. a=brendan. 2001-04-20 06:45:56 +00:00
bnesse%netscape.com 6a048b1a8f Landing PrefAPI refactoring bug 46863. r=valeski, sr=alecf, a=blizzard. 2001-04-19 22:21:39 +00:00
mstoltz%netscape.com c302defdcd More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538).
r=beard, sr=hyatt
2001-04-17 01:21:44 +00:00
dbaron%fas.harvard.edu 1f23f5941d Fix leaks of global objects. b=76091 r=mstoltz@netscape.com sr=hyatt@netscape.com 2001-04-17 00:12:28 +00:00
shaver%mozilla.org e2dc3d6d88 75152: Remove GetVersionNumber stub in favour of upcoming, less-invasive
preloader strategy. r=jag, sr=attinasi.
2001-04-11 14:23:13 +00:00
disttsc%bart.nl 748e1ece2f Clean up MODULE/REQUIRES, bug=73353, r=cls 2001-04-08 08:33:11 +00:00
dbaron%fas.harvard.edu 60d5b49964 Fix MOZ_TRACK_MODULE_DEPS (senna tinderbox) bustage by adding new header file dependencies to REQUIRES. 2001-04-07 04:29:01 +00:00
danm%netscape.com 378b2f48b9 removing use of nsNetSupportDialog. bug 72112 continued. r=hyatt,morse,mstoltz,various 2001-04-07 03:33:56 +00:00
dprice%netscape.com 3e31ab9946 65845 - new order files 2001-04-05 06:02:32 +00:00
rickg%netscape.com c1ce80ae83 preloader update. r=peterl, sr=attinasi 2001-04-03 22:58:59 +00:00
disttsc%bart.nl 96f5f6cf31 Add "gfx2" and "imglib2" to REQUIRES lines in Makefile.in for MOZ_TRACK_MODULE_DEPS builds (e.g. senna) 2001-03-30 10:39:06 +00:00
disttsc%bart.nl 812a462213 Fix MOZ_TRACK_MODULE_DEPS bustage 2001-03-23 08:44:39 +00:00
disttsc%bart.nl 9149e8b0b4 Fix MOZ_TRACK_MODULE_DEPS bustage. 2001-03-23 08:16:59 +00:00
mstoltz%netscape.com b26a1f0451 Bugs 55069, 70951 - JS-blocking APIs for mailnews and embedding. r=mscott, sr=attinasi.
Bug 54237 - fix for event-capture bug, r=heikki, sr=jband.
2001-03-23 04:22:56 +00:00
blakeross%telocity.com de8b54d4c3 Fix 49334: gopher support, minor restructuring of directory viewer. necko: r=darin,dougt sr=rpotts other: r=waterson,mstoltz,jag sr=alecf
Fix 70404: assertions or datetime and finger. r=dougt, sr=rpotts

Both patches by Bradley Baetz (bbaetz@cs.mcgill.ca)
2001-03-14 02:42:39 +00:00
dprice%netscape.com 1b42d68e45 71057 sr=waterson new order files. NOT PART OF THE REGULAR BUILD 2001-03-13 10:47:37 +00:00
valeski%netscape.com a8e9bc5bd5 sr=rpotts, r=gagan. 70743. switching over to new extensible URI::SchemeIs() api 2001-03-13 02:02:05 +00:00
suresh%netscape.com b02946cae2 Adding aim protocol to the list. No Specific bug number. r=syd. sr=mstoltz 2001-03-07 05:58:45 +00:00
beard%netscape.com 4122626e4f Switch from NS_STATIC_CAST to NS_REINTERPRET_CAST to fix bustage on Mac. r=mstoltz 2001-03-02 01:13:35 +00:00
mstoltz%netscape.com 6672d1a27a bug 47905, adding security check to XMLHttpRequest.open(). r=heikki, sr=brendan 2001-03-02 00:09:20 +00:00
dprice%netscape.com 5184a7104b # 65845 sr=waterson, new order files will greatly reduce the number of link warnings. 2001-02-27 04:38:19 +00:00
mstoltz%netscape.com 407dac60d8 bug 63451 - moved signature verification functions from nsIZipReader to nsIJAR. r=sgehani, sr=shaver 2001-02-23 00:15:04 +00:00
disttsc%bart.nl 744785129a Mass REQUIRES update to synch up with string lib and xul changes in an attempt to fix senna bustage. r=jst, sr=cls 2001-02-22 09:35:51 +00:00
mstoltz%netscape.com 8720e0c142 Bug 66331, nsCodebasePrincipal::GetOrigin needs to specify the port
if nonstnandard. Fixes a bug in LiveConnect. r=dougt, sr=jband.
2001-02-14 00:27:34 +00:00
dprice%netscape.com 343dcec924 65845 First cut of the order files 2001-02-13 02:34:59 +00:00
beard%netscape.com 234eb9d4b5 fix for bug #63466, r=mstoltz, sr=brendan, a=leaf 2001-02-12 07:47:28 +00:00
gagan%netscape.com cded3e2f30 Optimization for scheme comparison of URIs. See bug 66577 for details. r=darin, sr=brendan@mozilla.org 2001-01-31 01:33:03 +00:00
mstoltz%netscape.com d1ff4c4a38 Bug 66369, adding support for per-file permissions granting to caps. r=jst, sr=jband. 2001-01-27 01:42:20 +00:00
bryner%uiuc.edu 3c4d17f118 Removing .cvsignore file so this directory will go away. Not part of build. 2000-12-28 21:08:29 +00:00
jband%netscape.com e383c347e4 fix bug 55506. If seman was initialized too early then it was failing to register its nameset. This happened on first run when JS Component Loader would use the secman. The result was that all calls to the security manager via JavaScript would fail for that session. This fixes that by continuing to try to register the nameset until it actually succeeds. r=mstoltz a=brendan 2000-11-30 05:32:08 +00:00
cls%seawood.org 8bd122b3d5 Resurrect REQUIRES so that we have some sort of means to track intermodule dependencies. Bug #59454 r=blizzard@mozilla.org 2000-11-20 07:16:06 +00:00
dbaron%fas.harvard.edu d932c515d5 Make nsDestroyJSPrincipals stop confusing the leak stats by calling AddRef, but not when the refcount is 0. r=mstoltz@netscape.com sr=brendan@mozilla.org b=59135 2000-11-08 03:06:57 +00:00
mstoltz%netscape.com 3161a54c16 Fixing bugscape 3109, LiveConnect exploit. sr=jband, brendan.
Fixing 58021, exploit in "open in new window," bug 55237. sr=brendan
2000-11-07 01:14:08 +00:00
mstoltz%netscape.com 0caa769ac2 Bug 57937, signed frames denied access to unsigned frames. r=mccabe, sr=brendan 2000-10-30 20:05:07 +00:00
warren%netscape.com 4189314fdb Bug 47207. Backing out logging/PRINTF changes until we can fix stopwatch.h, introduce double parens, etc. 2000-10-28 22:17:53 +00:00
warren%netscape.com 6e35f97e31 Bug 47207. Changing printf to PRINTF to use new logging facility. r=valeski,sr=waterson 2000-10-27 22:43:51 +00:00
mscott%netscape.com 4b5a54deb0 Bug #48403 --> don't allow JS running in a mailnews sand box to change the name of it's containing iframe.
this code was contributed by mstoltz.
r=beard, sr=mscott
2000-10-24 00:52:02 +00:00
pollmann%netscape.com 87208694ab Bug 13871: Prevent frameset spoofing r=mstoltz, sr=mscott, a=rpotts 2000-10-19 10:25:49 +00:00
mstoltz%netscape.com 99a2b79580 Fixing 56009, exploit allowing XPConnect access. r,a=hyatt, sr=scc 2000-10-13 22:59:47 +00:00
mstoltz%netscape.com 940c5078d1 Fixing 52497, security problem in document.implementation, r=jst a=brendan 2000-09-20 23:38:28 +00:00
warren%netscape.com 075350b1c8 Landing jar packaging from jar_restructuring_branch. r=hyatt,dprice,sfraser,dveditz,vishy,sgehani 2000-09-20 19:35:24 +00:00
jband%netscape.com c53517dae2 fix memory corruption bug 52382. r=mstoltz 2000-09-14 08:48:53 +00:00
rayw%netscape.com 6cc70ebd6c Bug 37275, Changing value of all progids, and changing everywhere a progid
is mentioned to mention a contractid, including in identifiers.

r=warren
2000-09-13 23:57:52 +00:00
jdunn%netscape.com 3ebb4117a1 Fix warning which requires a return value from functions
r= brendan@mozilla.org scc@mozilla.org
#= 52254
2000-09-13 11:29:18 +00:00
mstoltz%netscape.com 397dd0a60e bug 44147, caps grant dialog now being created from DOMWindow->GetPrompter instead of nsIPrompt service. r=dbragg 2000-09-09 00:53:21 +00:00
mstoltz%netscape.com 586719c321 bug 50304, adding "static" to security policy struct, should save some memory and time. r=rogerl 2000-09-07 19:03:23 +00:00
scc%mozilla.org 5e20db47e1 more GCC fixes 2000-09-03 06:41:18 +00:00