henry.jia%sun.com
d62393acda
5th patch for bug 158080
...
Description: replace the hardcode of @mozilla.org/embedcomp/window-watcher;1 with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 06:32:02 +00:00
sicking%bigfoot.com
b2160d158c
Use principals instead of URIs for same-origin checks.
...
b=159348, r=bz, sr=jst, a=asa
2002-07-30 21:26:32 +00:00
mstoltz%netscape.com
5bd0d2e2f1
Bug 154930 - If one page has explicitly set document.domain and another has not,
...
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
2002-07-09 00:10:02 +00:00
harishd%netscape.com
d3d63601cf
Disable script on the requested docshell and the containing docshells. b=154647, r=mstoltz, sr=jst
2002-07-02 23:26:08 +00:00
mstoltz%netscape.com
c55abc30d5
Bug 152725 - Get URL passed to cookie module from document principal, not document URL.
...
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
2002-07-02 17:58:24 +00:00
harishd%netscape.com
7be79a0d54
Backing out my checkin to see if it fixes the Txul breakage
2002-06-27 23:32:51 +00:00
harishd%netscape.com
eff7c1ce17
** checking in for mstoltz **
...
Disable scripts on the requested docshell and containing docshells. Also, made setCurrentURI() scriptable ( approved by Adam Lock ). b=154647, r=harishd, sr=jst
2002-06-27 20:58:42 +00:00
mstoltz%netscape.com
76d3ee501f
133170 - Need to re-check host for security on a redirect after a call to
...
XMLHttpRequest.open(). For xmlextras, r=heikki, sr=jband. For caps,
r=bzbarsky, sr=jst
147754 - Add same-origin check to XMLSerializer. Patch by jst. r=mstoltz,
sr=jband
113351 - Add same-origin check to XSL Include. Patch by peterv and jst,
r=mstoltz, sr=rpotts
135267 - Add same-origin check to stylesheets included via LINK tags.
r=dveditz, sr=scc
2002-06-14 23:54:18 +00:00
dougt%netscape.com
e96df2ad1b
Fixes mozilla/strings requiring unfrozen nsCRT class. patch by scc, r=dougt, sr=jag, b=136756
2002-05-15 18:55:21 +00:00
darin%netscape.com
f43dfb75ba
fixes bug 142870 "nsIFile should use UCS-2 instead of UTF-8"
...
r=dougt sr=alecf
2002-05-07 23:07:19 +00:00
ben%netscape.com
09cdc7f458
[Chrome FastLoad]
...
Ensure that principals are written as Compound Objects using |WriteCompoundObject|, not using |WriteObject|
r=mstoltz, sr=brendan
2002-05-03 03:00:46 +00:00
darin%netscape.com
1b1677bbe9
fixes bug 129279 "nsIFile unicode/utf8/ascii task"
...
r=dougt sr=alecf
2002-04-27 05:33:09 +00:00
mstoltz%netscape.com
1163f76b50
Bug 136993 - Put the "trusted codebase principals" feature back in.
...
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
darin%netscape.com
0de3da6d32
fixes bug 134546 "Memory leak in nsScriptSecurityManager::GetBaseURIScheme()"
...
patch=pj@ludd.luth.se , r=mstoltz, sr=darin, a=rjesup@wgate.com
2002-04-03 20:23:57 +00:00
mstoltz%netscape.com
310147212f
A bunch of fixes in caps:
...
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)
All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
timeless%mac.com
fc883176bf
Bug 106386 rid source of misspellings
...
r=db48x sr=blake a=asa
2002-03-19 04:30:17 +00:00
alecf%netscape.com
f4fdfbb122
fix bug 129635 - write a destructor for DomainPolicy so that the hashtable is destroyed
...
(and not leaked!)
r=mstoltz, sr=vidur, a=asa
2002-03-10 00:41:08 +00:00
rginda%netscape.com
6c79c65bef
Bug 129503, "IsCapabilityEnabled should return PR_TRUE if no script on stack"
...
sr=brendan, r=mstoltz, a=asa
If the js stack has no principals on it, return PR_TRUE from IsCapabilityEnabled
. Currently, the only time we'd have a stack devoid of principals is when all f
unctions are native. If this assumption changes, this may need to be revisited
(depending on what it would mean to be a compiled script without a principal.)
2002-03-08 02:20:55 +00:00
darin%netscape.com
026dda9f95
fixes bug 124042 "support internationalized URIs" r=dougt, sr=alecf, a=asa
2002-03-06 07:48:55 +00:00
jband%netscape.com
b103d141c4
remove stale DEBUG_jband block. rs=jband a=dbaron
2002-03-05 08:02:05 +00:00
mstoltz%netscape.com
5db3c92b53
Bug 127938 - chrome scripts should be exempt from the security check put in for
...
bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
2002-02-28 00:22:59 +00:00
mstoltz%netscape.com
c9cc21b1f1
partially backing out my last change - weird dependency problem
2002-02-26 05:28:26 +00:00
mstoltz%netscape.com
7b15894b8c
32571, present confirmation dialog before allowing scripts to close windows.
...
105050, pass null window.opener when opener is a mail window.
both r=heikki, sr=jst, a=asa.
Backed out previously because of tinderbox problem, which should be fixed now.
2002-02-26 04:50:21 +00:00
jst%netscape.com
f12221c4d5
Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com
2002-02-20 05:51:05 +00:00
cathleen%netscape.com
93709bacaa
eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan
2002-02-19 07:36:56 +00:00
mcafee%netscape.com
dbe661a6ae
Backing out mstoltz. r=dbaron,jrgm
2002-02-19 04:06:53 +00:00
mstoltz%netscape.com
7446e86422
Bug 105050 - return null window.opener to scripts if opener is a mail window.
...
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.
2002-02-19 01:09:45 +00:00
mkaply%us.ibm.com
476bcbf436
OS/2 bustage - callback needs to be in header
2002-02-13 13:30:06 +00:00
mstoltz%netscape.com
13c8dad931
Bug 119646 - Rewrite of the security manager policy database for improved
...
performance. r=jst, sr=jband.
2002-02-13 04:20:46 +00:00
alecf%netscape.com
634e2f6f0c
one more part of fix for bug 107575, including the much coveted whitespace
...
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
sfraser%netscape.com
d285f8f560
Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson
2002-01-30 21:14:20 +00:00
seawood%netscape.com
874c54280c
Landing the rest of the win32 gmake changes:
...
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup
Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
jaggernaut%netscape.com
6ab111155d
Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf
2001-12-16 11:58:03 +00:00
mstoltz%netscape.com
45defae20a
Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst.
2001-12-12 04:43:35 +00:00
ccarlen%netscape.com
b4f1e83674
Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser
2001-12-11 04:54:47 +00:00
ccarlen%netscape.com
2d15ad27bc
Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser.
2001-12-10 20:25:12 +00:00
mstoltz%netscape.com
ed6ab111b7
Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
...
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
jband%netscape.com
f92134404a
trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband
2001-11-22 23:26:34 +00:00
peterv%netscape.com
35a301d30e
Fixing mac debug bustage. Patch suggested by jst, sr=jst.
2001-11-16 10:50:33 +00:00
mstoltz%netscape.com
144ebd46ff
Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
...
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
dbaron%fas.harvard.edu
261f76a8ba
Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052
2001-11-07 06:24:10 +00:00
seawood%netscape.com
c79715ed1b
Backing out fix for remote mach-o builds as it left mach-o builds fragile.
...
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
seawood%netscape.com
6daf60f372
Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
...
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
mstoltz%netscape.com
fd8c486c4a
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
jaggernaut%netscape.com
39857aa5c7
Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc
2001-10-25 06:13:52 +00:00
bnesse%netscape.com
5d3ba9e8a4
Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf.
2001-10-22 20:54:48 +00:00
dougt%netscape.com
da7e1268bd
nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163
2001-10-19 20:52:59 +00:00
bzbarsky%mit.edu
c578c92399
Make CAPS correctly observe changes to capability.policy prefs. Needed
...
for having UI for these suckers. Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
jaggernaut%netscape.com
fdc4078bc4
Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc
2001-09-29 08:28:41 +00:00
gerv%gerv.net
2cab766559
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00