6ba76593b3
* Fix the following bugs by tightening the default security policy.
...
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com
* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
8535dda53e
updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org
1999-11-06 03:43:54 +00:00
f665b3c482
work on bug 7270.
...
r=mstoltz.
Implement netscape.security.PrivilegeManager callbacks.
1999-10-28 22:09:03 +00:00
00dfd9d907
Added nsIChannel::GetOriginalURI so that we can get back to the original chrome file (bug#17144). r=rpotts,mscott
1999-10-26 09:16:24 +00:00
d1e37156bd
Add ability to disable JS. Fix 13978 shopping at webvan.com crashes
1999-09-17 20:13:52 +00:00
ae296a06da
Add security support for javascript: uris.
1999-09-15 20:58:41 +00:00
1dec7e80f7
Create preferences for security checks.
...
Add new methods on nsIScriptSecurityManager for capabilities.
Fix 13739 MLK: nsScriptSecurityManager::CreateCodebasePrincipal
Fix 11666 Eliminate plvector (was: [infinite loop] bugs - plvector.c)
1999-09-15 04:05:43 +00:00
003099e93a
Remove unused files.
1999-09-13 20:10:24 +00:00
328b2bad86
Fix build breakage: full #include needed.
1999-09-07 21:26:56 +00:00
d5c6824781
Fix bug 13253.
...
Enable restrictions on use of Components array from web JavaScript.
1999-09-07 20:40:20 +00:00
85a18579d5
Cleaned it up and eliminated the pointless #!gmake.
1999-09-01 23:27:16 +00:00
fa389e8dfb
nsIPrincipalManager.idl removed.
1999-09-01 01:34:11 +00:00
bff57397e0
Add all-powerful system principals. Remove some dead code from the build.
1999-09-01 00:54:35 +00:00
6397eaf9f8
Adding new flag to the security check calls out of the DOM generated JS files.
1999-08-31 14:23:54 +00:00
59b4dc8374
* clean up nsScriptSecurityManager
...
* remove nsJSSecurityManager
* save principals in nsIChannels and nsIDocuments
1999-08-29 21:58:42 +00:00
bb8560101c
includes updates to codbase matching security checks currently turned off
...
but in place. redefined the script security manager in caps and it is
now generating codebase principals.
1999-08-20 09:51:02 +00:00
96773aef1f
removing public directory for good. fixed up nsPrivilegeManager.cpp
1999-08-08 21:04:16 +00:00
9b8f77f338
added a new and improved factory to caps module. fixed some bugs and
...
cleared some warnings. also move some methods of privilege manager to
principal manager.
1999-08-06 22:44:35 +00:00
89e7fef930
add a principal manager to caps api. everything is now xpidled so
...
i removed the public directory from the module.
1999-08-01 21:26:02 +00:00
944fa42b7b
xpidling and updating nsTarget object. should resolve build errors on
...
SeaMonkey Ports
1999-07-28 05:43:26 +00:00
d99daeea9b
Cleaned it up and changed the name of libreg.{a,so} to libmozreg.{a,so} to fix the conflict reported in bug 8568.
1999-07-27 23:27:44 +00:00
561d1d2996
removed some enums and migrated them into nsPrivilege, nsIPrivilege and
...
nsPrivilegemanager. cleaning up some old code from the security module
and refining their api's and such like.
1999-07-27 00:50:59 +00:00
76ffc06aa5
Fix to the caps security module. I removed the nsPrincipal struct, from now
...
on you can access principals by their xpcomed interface nsIPrincipal.
1999-07-24 03:58:23 +00:00
e8fcb92124
ignore the generated Makefile
1999-07-18 00:26:01 +00:00
640c0ce3e6
idled principals interfaces and some fixes to caps manager...
1999-07-16 20:31:18 +00:00
7562aefe4a
Move several security files into idl. (Create idl directory in caps module.)
...
Implement methods of nsIXPCSecurityManager.
Fix random errors in DOM JS security.
1999-07-15 23:23:16 +00:00
norris%netscape.com
dmose%mozilla.org
warren%netscape.com
briano%netscape.com
joki%netscape.com
arielb%netscape.com
sspitzer%netscape.com