Граф коммитов

519 Коммитов

Автор SHA1 Сообщение Дата
roc+%cs.cmu.edu 52092297fe Bug 226439. Convert codebase to use AppendLiteral/AssignLiteral/LowerCaseEqualsLiteral. r+sr=darin 2004-06-17 00:13:25 +00:00
cbiesinger%web.de 5fef88f764 fix DEBUG_CAPS_HACKER bustage due to bug 240106
r=caillon sr=darin
2004-06-16 15:58:22 +00:00
dveditz%cruzio.com 1f3e1038f3 bug 162020 option to delay enabling confirmation buttons r=mkaply,sr=sspitzer 2004-06-05 09:26:01 +00:00
mkaply%us.ibm.com 18d9c2feaa #239580
r=danm, sr=dveditz
Extend ConfirmEx to allow setting the default button - change default button for script security to no
2004-05-24 13:33:51 +00:00
roc+%cs.cmu.edu b8ecbc84da Bug 226439. Convert Seamonkey to EqualsLiteral. rs=darin 2004-05-22 22:15:22 +00:00
bzbarsky%mit.edu 8d004584b6 Add a version of CheckLoadURI that takes a source principal instead of a source
URI.  Update a bunch of callers to use it.  Bug 233108, r=caillon, sr=dveditz
2004-04-25 16:55:27 +00:00
bryner%brianryner.com 4f8b5bf9d4 deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst. 2004-04-18 00:28:47 +00:00
gerv%gerv.net 692411203a Bug 236613: change to MPL/LGPL/GPL tri-license. 2004-04-17 21:52:36 +00:00
cbiesinger%web.de 6330e24449 Bug 235504 Remove nsCString::EqualsWithConversion(const char*)
r=darin sr=dbaron
2004-04-14 20:09:30 +00:00
jst%mozilla.jstenback.com 2e147004eb Backing out the fix for bug 235457 since it made typing URLs, and autocomplete in the the URL bar not work. 2004-03-16 19:06:10 +00:00
jst%mozilla.jstenback.com 9216581021 Fixing bug 235457. Make new windows opened through window.open be opened on the context of the opener, and make caps not lie about when capabilities are enabled. r=danm-moz@comcast.net, r=caillon@aillon.org, sr=brendan@mozilla.org, a=dbaron@dbaron.org 2004-03-16 06:57:54 +00:00
cbiesinger%web.de 9ea99a468f one more tweak, r=caillon 2004-03-06 20:54:47 +00:00
cbiesinger%web.de 7083875ebb making this sound less like it's PSM, rs=caillon 2004-03-06 20:47:21 +00:00
darin%meer.net 1d2d419885 landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin 2004-02-28 22:34:07 +00:00
darin%meer.net 0616fb43c2 fixes bug 234916 "Remove global/static NS_NAMED_LITERAL_C?STRING usage [was: Firefox crashes on startup on Mac OS X]" r=jst sr=dbaron 2004-02-25 02:08:34 +00:00
jst%mozilla.jstenback.com 8b6dc1c3ca Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com. 2004-02-09 22:48:53 +00:00
bsmedberg%covad.net 1f4ab81acd Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet. 2004-01-07 13:37:00 +00:00
bsmedberg%covad.net f0bfff2628 Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet. 2004-01-07 01:22:31 +00:00
neil%parkwaycc.co.uk fc16739ba6 Bug 227758 make subjectPrincipalIsSystem unscriptable and checkSameOriginURI scriptable r=caillon sr=dveditz 2003-12-19 21:51:37 +00:00
pkw%us.ibm.com 05f05aab8b Bug 228095 - AIX: 64-bit build error in nsScriptSecurityManager.cpp
r=caillon@aillon.org, sr=brendan@mozilla.org, a=brendan@mozilla.org
2003-12-15 18:16:09 +00:00
caillon%returnzero.com 6a60ef1444 227079 - Mozilla asks for security privileges where it shouldn't
Make sure we check signed.applets.codebase_principal_support and special urls before going further.
r=jst sr=bzbarsky a=dbaron
2003-12-04 02:14:07 +00:00
brendan%mozilla.org 4be366b3cf Fix missing cx param problem (223041, r=caillon, sr=dbaron). 2003-11-03 04:26:55 +00:00
dbaron%dbaron.org d4816af9c5 Work around bustage. Temporary fix. b=223041 2003-11-02 02:31:53 +00:00
caillon%returnzero.com ea10d2257a Permit content to link to about:logo
Bug 223293; r=timeless sr=jst
2003-10-30 01:35:09 +00:00
caillon%returnzero.com de3d3fbf61 Re-land patch for bug 83536, merging principal objects.
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
2003-10-21 22:11:49 +00:00
brendan%mozilla.org ecb57316da Better version of last change, thanks to caillon for reminding me. 2003-09-28 04:55:50 +00:00
brendan%mozilla.org 4ff074c02b Forgot to update calls to formerly-static SecurityCompareURI (r+sr=bz). 2003-09-28 04:44:33 +00:00
brendan%mozilla.org 08f08cbf57 Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky). 2003-09-28 04:22:01 +00:00
caillon%returnzero.com ced129793a about:about
Bug 56061
r=bryner@brianryner.com
sr=darin@meer.net
2003-09-13 19:35:59 +00:00
bryner%brianryner.com 9a8592b10f Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan. 2003-09-07 21:37:51 +00:00
caillon%returnzero.com c11c6acb17 Backing out the patch to bug 83536.
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
2003-08-22 03:06:53 +00:00
caillon%returnzero.com acf063492f Bug 216234
Calling operator delete on an nsAutoPtr isn't good.
r+sr=dbaron@dbaron.org
a=asa@mozilla.org
2003-08-20 00:40:13 +00:00
cls%seawood.org c08e99a287 Set MODULE in makefiles at the top of a heirarchy so that module-deps lists are more precise and builds will have the proper order if some subdirs contain other modules. 2003-08-16 00:42:35 +00:00
caillon%returnzero.com e1a8e55d17 Bug 214949
Make XUL error pages work again by making GetOrigin() return the full spec for chrome: URIs and preventing principal lookups when the principals hash is empty.
r+sr=jst@netscape.com
a=rjesup@wgate.com
2003-08-10 02:26:11 +00:00
brendan%mozilla.org f6be8fe74f Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron). 2003-08-05 20:09:21 +00:00
caillon%returnzero.com 9bd3d843a8 Adding comments, per bzbarsky. bug 214050. 2003-07-29 19:03:00 +00:00
caillon%returnzero.com fb75e2bf14 Don't let success of string bundle calls dictate the return value, continue to return errors. Still bug 214050. 2003-07-29 09:07:43 +00:00
caillon%returnzero.com 8d0409de47 Bug 214050
Start to localize some of the more common user-visible error messages in caps.
r+sr=bzbarsky@mit.edu
2003-07-29 05:28:00 +00:00
caillon%returnzero.com 0080f7ac51 Init mSecurityPolicy. This somehow got lost in between the last two revisions of my patch to bug 83536.
r=timeless,sr=bzbarsky on IRC.
2003-07-27 07:00:25 +00:00
caillon%returnzero.com 4f29a47803 213796 - Crash In CAPS.DLL On Startup [@ nsPrincipal::GetHashValue]
r+sr+caillonIsStupid=bzbarsky@mit.edu
2003-07-27 04:08:48 +00:00
caillon%returnzero.com a519b5abbd Bug 213847. Prompt the user for what to do if we don't know whether we can grant a capability.
r+sr=bzbarsky@mit.edu
2003-07-25 19:23:17 +00:00
mkaply%us.ibm.com 1ac925aeee Ports bustage - remove NS_COM per bsmedberg 2003-07-24 18:58:30 +00:00
caillon%returnzero.com 9c22160a4b Bug 83536.
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
2003-07-24 05:15:20 +00:00
seawood%netscape.com f542eb1b3e Removing extra ^M. Fixing Irix cc bustage 2003-06-28 05:15:41 +00:00
jst%netscape.com 48968be6c1 Fixing bug 210730. ClassInfoData optimizations. r+sr=jaggernaut@netscape.com 2003-06-27 03:10:49 +00:00
timeless%mozdev.org f14981a7f1 Bug 194872 CAPS vulnerability when doing cross-site-scripting with frames from different origins and different CAPS settings (allAccess, noAccess).
bustage (const char*)
sr=jst
2003-06-26 03:27:01 +00:00
mstoltz%netscape.com 13f4af7d21 Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 2003-06-26 00:18:43 +00:00
jst%netscape.com 2e8edec781 Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com 2003-06-24 21:43:01 +00:00
caillon%returnzero.com fe0731d91e Bug 163645 - User defined properties of window.navigator are not remembered when a new page is loaded.
Enable this for websites within the same domain only.
Also, fixes CheckSameOriginPrincipal to just check the principals, and not care whether we have anything on the JS stack.
r=mstoltz, sr=jst
2003-06-18 23:48:57 +00:00
harishd%netscape.com 5d5585b629 Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com 2003-06-12 20:18:34 +00:00