Граф коммитов

6 Коммитов

Автор SHA1 Сообщение Дата
norris%netscape.com c19429e137 Adding nsAggregatePrincipal support. r=norris 2000-03-21 04:05:35 +00:00
norris%netscape.com 80d944693e Fix 25062 Reload vulnerability
25206 Reload vulnerability #2
Implement grant dialogs and persistence for capabilities.
most r=mstoltz, some code from morse w/ r=norris
2000-02-10 04:56:56 +00:00
norris%netscape.com 8343c4ead7 Fix 22909 previousSibling vulnerability
r=mstoltz
2000-01-06 00:59:18 +00:00
norris%netscape.com 6ba76593b3 * Fix the following bugs by tightening the default security policy.
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com

* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
dmose%mozilla.org 8535dda53e updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org 1999-11-06 03:43:54 +00:00
norris%netscape.com bff57397e0 Add all-powerful system principals. Remove some dead code from the build. 1999-09-01 00:54:35 +00:00