Граф коммитов

68 Коммитов

Автор SHA1 Сообщение Дата
gerv%gerv.net 2a80f3fea9 Oops. 2001-09-20 00:02:59 +00:00
scc%mozilla.org 63e86dc84f bug #98089: ripped new license 2001-09-19 20:09:47 +00:00
brendan%mozilla.org 8c7c819206 FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver. 2001-07-31 19:05:34 +00:00
mstoltz%netscape.com 50f00fbc78 Bug 77485 - defining a function in another window using a targeted javascript:
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
ddrinan%netscape.com a86397a93a PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org 2001-05-23 22:06:43 +00:00
mstoltz%netscape.com edf3f8a6e9 Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst. 2001-05-19 00:33:51 +00:00
blizzard%redhat.com e1e5c32a99 Back out mstoltz because of blocker bug #81629. Original bugs were 47905 79775. 2001-05-18 17:41:23 +00:00
mstoltz%netscape.com 201736a175 Bug 47905 - adding security check for XMLHttpRequest.open.
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com, sr=jst@netscape.com

Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com, sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
mstoltz%netscape.com d0f2b845b9 Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,
sr=brendan@mozilla.org
2001-05-11 00:43:27 +00:00
jst%netscape.com adf1d8320a Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com. 2001-05-08 16:46:42 +00:00
mstoltz%netscape.com c302defdcd More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538).
r=beard, sr=hyatt
2001-04-17 01:21:44 +00:00
mstoltz%netscape.com b26a1f0451 Bugs 55069, 70951 - JS-blocking APIs for mailnews and embedding. r=mscott, sr=attinasi.
Bug 54237 - fix for event-capture bug, r=heikki, sr=jband.
2001-03-23 04:22:56 +00:00
mstoltz%netscape.com 6672d1a27a bug 47905, adding security check to XMLHttpRequest.open(). r=heikki, sr=brendan 2001-03-02 00:09:20 +00:00
mstoltz%netscape.com d1ff4c4a38 Bug 66369, adding support for per-file permissions granting to caps. r=jst, sr=jband. 2001-01-27 01:42:20 +00:00
mstoltz%netscape.com 3161a54c16 Fixing bugscape 3109, LiveConnect exploit. sr=jband, brendan.
Fixing 58021, exploit in "open in new window," bug 55237. sr=brendan
2000-11-07 01:14:08 +00:00
mstoltz%netscape.com 99a2b79580 Fixing 56009, exploit allowing XPConnect access. r,a=hyatt, sr=scc 2000-10-13 22:59:47 +00:00
rayw%netscape.com 6cc70ebd6c Bug 37275, Changing value of all progids, and changing everywhere a progid
is mentioned to mention a contractid, including in identifiers.

r=warren
2000-09-13 23:57:52 +00:00
mstoltz%netscape.com 88846ce93b Fixing 41876 r=hyatt, also 48724, 49768, and crasher in nsBasePrincipal.cpp, r=jtaylor 2000-08-22 02:06:52 +00:00
jband%netscape.com 02b25f73f7 fix bug 47410. Allow JS components to implement nsISecurityCheckedComponent and have sidebar componnet implement it to allow access from untrusted scripts. a=brendan@mozilla.org a=johng@netscape.com 2000-08-08 23:59:32 +00:00
vidur%netscape.com b22731f07d Checking in for mccabe, since he had to leave town. Partial fix for bug 41429. Adding a new interface that components can implement to control the capabilities needed for XPConnect access to them - default is UniversalXPConnect. r=vidur 2000-06-23 14:32:38 +00:00
joki%netscape.com ac67aba0ee Part of fix for 38117, prevent scripts from running event handlers on windows from other domains. r:mstoltz 2000-06-21 00:21:50 +00:00
warren%netscape.com 958ed96edd Renaming nsIAllocator to nsIMemory (and nsAllocator to nsMemory). API cleanup/freeze. Bug #18433 2000-06-03 09:46:12 +00:00
mstoltz%netscape.com 3ec39eeed8 Removing archive attribute from nsCertificatePrincipal. This will not be used. 2000-05-16 22:37:38 +00:00
mstoltz%netscape.com ecc9b44676 Fixes for 32878, 37739. Added PR_CALLBACK macros. Changed security.principal pref syntax to a nicer syntax. Removed "security.checkxpconnect" hack. 2000-05-16 03:40:51 +00:00
mstoltz%netscape.com 0f88b44d07 Removed dependency of libjar on psm-glue, bug 36853. Fixed out parameter type problem in PSMComponent::HashEnd 2000-05-10 01:49:33 +00:00
mstoltz%netscape.com 2483630a16 Added archive attribute to nsICertificatePrincipal...part of fix for 37481. 2000-05-01 23:39:51 +00:00
mstoltz%netscape.com 4794c651b5 Fixes for 27010, 32878, and 32948. 2000-04-26 03:50:07 +00:00
mstoltz%netscape.com 200b920525 Backing out changes until I can figure out why it's crashing on startup. 2000-04-23 21:25:39 +00:00
mstoltz%netscape.com 9ac7780368 Fixes for bugs 27010, 32878, 32948. 2000-04-23 20:30:29 +00:00
norris%netscape.com a3caa18f07 Fix
28390, 28866, 34364
r=brendan@mozilla.org
35701
r=jst@netscape.com
2000-04-14 03:14:53 +00:00
mstoltz%netscape.com 72ad6e26bf Fixed bug 30915 using nsAggregatePrincipal. r=norris 2000-03-31 00:31:18 +00:00
norris%netscape.com c19429e137 Adding nsAggregatePrincipal support. r=norris 2000-03-21 04:05:35 +00:00
norris%netscape.com b06e55722c Files:
caps/idl/nsICertificatePrincipal.idl
	caps/idl/nsIPrincipal.idl
	caps/src/nsBasePrincipal.cpp
Implement the ability to manipulate multiple capabilties simultaneously.
r=mstoltz@netscape.com

Files:
	caps/src/nsCodebasePrincipal.cpp
Codebase equality should be based upon origin, not full path.
r=mstoltz@netscape.com

Files:
	caps/src/nsScriptSecurityManager.cpp
Change URI checking to deny based upon scheme rather than allow based upon
scheme for greater flexibility.
r=mstoltz@netscape.com

Files:
	dom/public/nsDOMPropEnums.h
	dom/public/nsDOMPropNames.h
	dom/src/base/nsGlobalWindow.cpp
	modules/libpref/src/init/all.js
Fix bug 20469 Seeing JS functions and global variables from arbitrary host
r=vidur@netscape.com

Files:
	dom/src/base/nsJSUtils.cpp
	dom/src/base/nsJSUtils.h
	dom/src/base/nsJSEnvironment.cpp
	dom/tools/JSStubGen.cpp
	layout/base/src/nsDocument.cpp
	layout/html/content/src/nsGenericHTMLElement.cpp
Improve performance by removing NS_WITH_SERVICE call for every DOM access.
Propagate XPCOM failure codes out properly.
r=vidur@netscape.com

Files:
	layout/html/document/src/nsFrameFrame.cpp
Fix 27387 Circumventing Same Origin security policy using setAttribute
r=vidur@netscape.com
2000-03-11 06:32:42 +00:00
norris%netscape.com 3d5f67908e Fix 28612 META Refresh allowed in Mail/News
r=mstoltz,a=jar
Fix 28658 File upload vulnerability
r=vidur,a=jar
2000-02-23 22:34:40 +00:00
norris%netscape.com 80d944693e Fix 25062 Reload vulnerability
25206 Reload vulnerability #2
Implement grant dialogs and persistence for capabilities.
most r=mstoltz, some code from morse w/ r=norris
2000-02-10 04:56:56 +00:00
norris%netscape.com 131271ae68 Fix bug #25864 watch() vulnerability
r=vidur,rogerl
2000-02-02 00:22:58 +00:00
mstoltz%netscape.com 184058eaaf Implemented the reading of capabilities data from prefs. Reads codebase and certificate principal data and populates ScriptSecurityManager's principals table. bug= 18122 r=norris, rginda 2000-01-18 21:54:01 +00:00
jband%netscape.com 7d0cb0f4bb Landing big set of DOM and XPConnect changes:
DOM: getting rid of JS_GetContextPrivate wherever possible. Use static parent
links where we can. When we do need to find this info about the caller
we call a function that knows how to get that info rather than inline calls
to JS_GetContextPrivate. This is all required for calling DOM objects on
non-DOM JSContexts as we do via xpconnect.

XPConnect: basic refactoring work to disassociate wrappers from the JSContext
that was active when the wrapper was constructed. This allows for calling into
wrapped JS objects on the right JSContext and for proper grouping of wrapped
native objects so that they can share proto objects. This also allows for
better sharing of objects and lays the foundations for threadsafety and
interface flattening.

Also, xpconnect tests are reorganized and improved.

fixes bugs: 13419, 17736, 17746, 17952, 22086

r=vidur r=mccabe r=norris r=cbegle
a=chofmann
1999-12-18 20:29:29 +00:00
norris%netscape.com afb1f1e1e3 Fix
20257 unable to edit existing images in editor due to JS error
	19933 JavaScript "window.location" core dumps in CAPS
Back out previous changes for enforcing security on listeners and go with a
simple restriction of access to the method for adding listeners.
r=mstoltz
1999-12-01 22:23:22 +00:00
norris%netscape.com b62c04253e Fix 18553 [DOGFOOD] addEventListener allows sniffing keystrokes
Add checks to nsScriptSecurityManager::CheckCanListenTo that take
a principal and ensure that the currently executing script code
either is from the same origin as that principal or has the
UniversalBrowserRead privilege enabled. (chrome code has all
privileges enabled by default.) It's okay for the principal passed in
to be null. That just signifies a privileged window/document that only
can be listened to with privileges.

I added GetPrincipal/SetPrincipal methods to nsIEventListenerManager.
nsDocument::GetNewListenerManager sets a principal on the listener
manager when it creates one. Obviously there are other places that
create listener managers, but scripts seem to go through this one.

Another change is to save some memory usage. Currently I allocate an
array of PolicyType that is NS_DOM_PROP_MAX elements long.
Unfortunately, compilers appear to allocate four bytes for each
PolicyType, so the array takes around 2400 bytes. I've added changes
to use two bit vectors that should consume about 1/16 that space.

r=joki

There are also changes that push nsnull onto the JSContext stack when
entering a nested event loop.

r=jband
1999-11-25 05:28:18 +00:00
norris%netscape.com 1c4dac85f3 Modify generated dom code to use a enum rather than a string for codesize
and efficiency.
Tighten checks on document properties and node properties. Should resolve
several bugs:
18965 document.firstChild vulnerability
19043 document.childNodes vulnerability
19044 document.lastChild vulnerability
r=mstoltz
1999-11-20 07:28:34 +00:00
norris%netscape.com 411aade911 * Fix 12124 [DOGFOOD] Reading user's preferences
* Implement site-specific security policies (bug 858)
r=mstoltz
* Use Recycle rather than delete[] to clean up Purify logs
r=law
1999-11-16 05:07:31 +00:00
norris%netscape.com 6ba76593b3 * Fix the following bugs by tightening the default security policy.
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com

* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
dmose%mozilla.org 8535dda53e updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org 1999-11-06 03:43:54 +00:00
norris%netscape.com f665b3c482 work on bug 7270.
r=mstoltz.
Implement netscape.security.PrivilegeManager callbacks.
1999-10-28 22:09:03 +00:00
warren%netscape.com 00dfd9d907 Added nsIChannel::GetOriginalURI so that we can get back to the original chrome file (bug#17144). r=rpotts,mscott 1999-10-26 09:16:24 +00:00
norris%netscape.com d1e37156bd Add ability to disable JS. Fix 13978 shopping at webvan.com crashes 1999-09-17 20:13:52 +00:00
norris%netscape.com ae296a06da Add security support for javascript: uris. 1999-09-15 20:58:41 +00:00
norris%netscape.com 1dec7e80f7 Create preferences for security checks.
Add new methods on nsIScriptSecurityManager for capabilities.
Fix 13739 MLK: nsScriptSecurityManager::CreateCodebasePrincipal
Fix 11666 Eliminate plvector (was: [infinite loop] bugs - plvector.c)
1999-09-15 04:05:43 +00:00
norris%netscape.com 003099e93a Remove unused files. 1999-09-13 20:10:24 +00:00