Граф коммитов

212 Коммитов

Автор SHA1 Сообщение Дата
myk@mozilla.org ce1fde4562 backing out fix for bug 416534 as potential cause of mochitest failure 2008-02-26 19:23:36 -08:00
jonas@sicking.cc f3eb926449 Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv 2008-02-26 18:17:49 -08:00
jst@mozilla.org b8a6474030 Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org 2008-01-29 12:51:01 -08:00
benjamin@smedbergs.us a31eb73709 Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
jst@mozilla.org 69192344bd Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org 2007-12-12 15:02:25 -08:00
bzbarsky@mit.edu 926abc513f Somewhat reduce the amount of memory an nsPrincipal allocates in the common case. Bug 397733, r+sr+a=jst 2007-09-28 07:31:04 -07:00
bzbarsky@mit.edu 1512235b94 Make the nsISerializable implementation of nsPrincipal actually work. This makes it possible to save principal objects to a stream and read them back. Bug 369566, r=dveditz+brendan, sr=jst, a=jst 2007-09-17 15:18:28 -07:00
dveditz@cruzio.com 482ae113d1 bugs 230606 and 209234: add options to restrict file: URI same-origin policies, r+sr=jst, blocking+=pavlov 2007-09-06 00:02:57 -07:00
jwalden@mit.edu 12e960c504 Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros. 2007-07-08 00:08:04 -07:00
bzbarsky@mit.edu 7c3bde0a77 Optimize immutability of codebase/domain a little bit. Bug 380475, r=dveditz, sr=biesi 2007-06-18 08:07:02 -07:00
benjamin@smedbergs.us 0ab7558e7b Bug 376636 - Building with gcc 4.3 and -pendatic fails due to extra semicolons, patch by Art Haas <ahaas@airmail.net>, rs=me 2007-04-23 07:21:53 -07:00
dbaron@dbaron.org cb52af13a3 Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg 2007-03-27 08:34:59 -07:00
dbaron@dbaron.org 4d961c5c49 Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg 2007-03-27 08:33:38 -07:00
roc+@cs.cmu.edu 0054412272 Bug 374866. Reftests for text-transform. r=dbaron 2007-03-22 16:01:14 -07:00
jonas%sicking.cc d7ad434701 Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it 2008-04-18 17:35:57 +00:00
jonas%sicking.cc 2ec9134081 Bug 425201: Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz 2008-04-09 00:38:13 +00:00
jst%mozilla.org 8b559ed068 Landing followup fix for bug 402983 and re-enabling the new stricter file URI security policies. r+sr=bzbarsky@mit.edu 2008-03-22 16:50:49 +00:00
jst%mozilla.org 7e76d85044 Landing fix for bug 402983. Make security checks on file:// URIs symmetric. Patch by dveditz@cruzio.com, r=jonas@sicking.cc,bzbarsky@mit.edu. jst@mozilla.org 2008-03-21 04:39:10 +00:00
jonas%sicking.cc 1d6dc158f9 Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz 2008-03-19 00:27:57 +00:00
bzbarsky%mit.edu e5ba2cdf44 Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the
checks they really want to be doing.  Fix screw-up in nsPrincipal::Equals if
one principal has a cert and the other does not.  Bug 418996, r=mrbkap,dveditz, sr=jst
2008-03-18 21:14:50 +00:00
jonas%sicking.cc 06f693a2bb Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv 2008-02-27 03:45:32 +00:00
myk%mozilla.org dd8660867d backing out fix for bug 416534 as potential cause of mochitest failure 2008-02-27 03:23:38 +00:00
jonas%sicking.cc 44be249fb2 Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv 2008-02-27 02:17:52 +00:00
jst%mozilla.org 87ad6994c9 Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org 2008-01-29 20:51:01 +00:00
benjamin%smedbergs.us c6b0868a4c Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 15:51:02 +00:00
jst%mozilla.org d05eccb938 Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org 2007-12-12 23:02:26 +00:00
bzbarsky%mit.edu 14cbe66990 Somewhat reduce the amount of memory an nsPrincipal allocates in the common
case.  Bug 397733, r+sr+a=jst
2007-09-28 14:31:04 +00:00
bzbarsky%mit.edu db86f814d9 Make the nsISerializable implementation of nsPrincipal actually work. This
makes it possible to save principal objects to a stream and read them back.
Bug 369566, r=dveditz+brendan, sr=jst, a=jst
2007-09-17 22:18:28 +00:00
dveditz%cruzio.com ded345250e bugs 230606 and 209234: add options to restrict file: URI same-origin policies, r+sr=jst, blocking+=pavlov 2007-09-06 07:02:57 +00:00
jwalden%mit.edu ef68fcf595 Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros. 2007-07-08 07:08:56 +00:00
bzbarsky%mit.edu 31b141921a Optimize immutability of codebase/domain a little bit. Bug 380475, r=dveditz, sr=biesi 2007-06-18 15:07:02 +00:00
benjamin%smedbergs.us 3fb4912f5d Bug 376636 - Building with gcc 4.3 and -pendatic fails due to extra semicolons, patch by Art Haas <ahaas@airmail.net>, rs=me 2007-04-23 14:22:04 +00:00
dbaron%dbaron.org d2a7c1e86a Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg 2007-03-27 15:35:02 +00:00
dbaron%dbaron.org a32fb9b241 Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg 2007-03-27 15:33:45 +00:00
bzbarsky%mit.edu 5abb54c90b Remove securityCompareURIs() from nsIScriptSecurityManager. Bug 327243, r+sr=jst 2006-11-14 22:46:45 +00:00
bzbarsky%mit.edu 142a417a31 Make it possible for protocol handlers to configure how CheckLoadURI should
treat them via their protocol flags.  Remove the protocol list we used before.
Bug 120373, r=dveditz, sr=darin
2006-11-10 23:49:08 +00:00
bzbarsky%mit.edu 25f194de58 Make GetOrigin dig into nested URIs. Bug 336303, r=dveditz, sr=jst 2006-05-12 00:05:40 +00:00
bzbarsky%mit.edu c85e631ff2 Disable optimization that relies on invariants we don't maintain. Bug 317240
wallpaper, r+sr=jst
2006-05-04 15:23:43 +00:00
bzbarsky%mit.edu 59f912e4ad Create a powerless non-principal and start using it. Bug 326506, r=mrbkap,
sr=dveditz
2006-04-02 20:58:26 +00:00
bzbarsky%mit.edu 3ebe726715 Followup fix for bug 307867 -- make sure to update our pointers to hashtable
entries when the entries move. r=dveditz, sr=brendan
2006-02-24 04:38:46 +00:00
bzbarsky%mit.edu 54eb4ccaac Remove dead code. Bug 327171, r=mrbkap, sr=shaver 2006-02-14 21:08:15 +00:00
bzbarsky%mit.edu d295c6f94f Get principals for XPConnect wrapped natives off their scope instead of walking
their parent chain.  Add some asserts to check that this actually does give the
same result, which it should with splitwindow.  Bug 289655, r=dbradley, sr=jst
2005-11-16 02:12:21 +00:00
cbiesinger%web.de d73e12f724 Bug 248052 Add a contract ID for a global channeleventsink. Make the
scriptsecuritymanager register for that and implement nsIChannelEventSink. Veto
redirects if CheckLoadURI fails. Remove the explicit usage of
nsIScriptSecurityManager from nsHttpChannel.cpp.

This eliminates js and xpconnect from REQUIRES, and brings us closer to remove
caps.

r=darin sr=bz
2005-11-08 20:47:16 +00:00
bzbarsky%mit.edu 1a0d80f303 Don't call nsIClassInfo::GetClassDescription unless we really have to. Bug
313157, r=dveditz, sr=jst
2005-10-20 23:49:59 +00:00
bzbarsky%mit.edu 113a48816f Comment-only fixes I forgot to make. Bug 240661. 2005-07-22 20:49:12 +00:00
bzbarsky%mit.edu dc27182f65 Expose the subject name for the cert and an nsISupports pointer to the cert on
nsIPrincipal that represents a certificate principal.  Change preference
storage to ensure matches in not only the fingerprint but also the subjectName
before applying privileges from preferences to a certificate principal.  Remove
possibility for creating certificate principals without a useful identifying
name and make sure that names don't get munged by being forced to ASCII.  Bug
240661, r=caillon, sr=dveditz, a=bsmedberg
2005-07-22 19:05:42 +00:00
timeless%mozdev.org 741e9f0d95 Bug 300853 Caps crash on cleanup [@ DomainPolicy::Drop]
patch by g.maone@informaction.com r=caillon sr=dveditz a=bsmedberg
2005-07-19 21:55:36 +00:00
timeless%mozdev.org 52a3cd7b1d Bug 217967 FF104 crash [@ PL_DHashTableOperate ] changing caps access control prefs
More consistent DomainPolicy lifecycle management avoids use of corrupted hashtable data
patch by g.maone@informaction.com r=dveditz sr=shaver a=bsmedberg
2005-06-29 16:29:49 +00:00
timeless%mozdev.org 3ce206754c Bug 292588 shutdown crash !sXPConnect [@ nsScriptSecurityManager::CheckObjectAccess]
store the runtime, unset the callback at shutdown
r=dveditz sr=jst a=asa
2005-06-07 21:57:56 +00:00
brendan%mozilla.org 403f448dbc Find active native function principals when walking the JS stack, and beef up eval-ish native safeguards (281988, r=shaver/caillon, sr=jst, a=drivers). 2005-05-04 06:28:36 +00:00