timeless%mozdev.org
39e4fcf204
Bug 196340 Change NS_REINTERPRET_CAST(nsIScriptContext*, JS_GetContextPrivate(cx)) to use Static Cast
...
r=mstoltz sr=heikki
2003-03-07 21:54:28 +00:00
brendan%mozilla.org
d40c318032
Generalize the JS_SetCheckObjectAccessCallback hook implemented here to deal with user-defined getters and setters (92773, r=mstoltz, sr=jst).
2003-03-06 19:40:14 +00:00
rginda%netscape.com
e93797d3ef
bug 191773, r=mstoltz, a=dbaron@dbaron.org
...
only allow x-jsd: urls from chrome: and resource:
2003-02-05 01:27:56 +00:00
seawood%netscape.com
4540357473
Whitespace change to trigger rebuild of libs that depend upon zlib.
2003-01-30 05:53:29 +00:00
bryner%netscape.com
75d0ab7d78
fixing IRIX bustage (^M's from mstoltz's checkin)
2003-01-25 03:58:38 +00:00
mstoltz%netscape.com
a0cc0ee7e5
Bug 189799 - Ignore username:password portion of URL when making URL comparisons for security. r=heikki, sr=jst, a=asa
2003-01-25 01:43:37 +00:00
sfraser%netscape.com
5697890fdd
Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst. Fixes bustage.
2003-01-17 02:00:01 +00:00
sfraser%netscape.com
f3c55ef954
Fix bug 127185: don't crash with a null JS context if running without XPT files. Fixes nsScriptSecurityManager to do more thorough error checking on initialization. r=mstoltz, sr=jst.
2003-01-17 01:00:15 +00:00
dbaron%dbaron.org
329252c847
Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it's no longer needed. r=timeless sr=jag
2003-01-08 19:24:38 +00:00
caillon%returnzero.com
b443430dc8
184257 - Updating pref callers. r=timeless sr=bzbarsky
2003-01-08 08:40:41 +00:00
seawood%netscape.com
4588fb970a
Start installing GRE libraries & components into a separate dist/gre directory as part of the default build.
...
Bug #186241 r=dougt
2002-12-28 01:15:07 +00:00
alecf%netscape.com
a7b81df6c6
take two at fixing bug 177401 - convert nsIBinaryStream over to using nsAString/nsACString for string values, to speed up fastload
...
sr=darin, r=dougt
(the previous checkin had a typo which disabled fastload entirely!)
2002-11-14 18:16:31 +00:00
alecf%netscape.com
50a35c0245
argh, back out my last checkin because Ts went UP not down!
2002-11-09 01:31:32 +00:00
alecf%netscape.com
e8fa3e1225
fix for bug 177401 - use nsAString& classes instead of wstring in nsIBinaryInputStream, to speed up fastload startup
...
sr=darin, r=dougt
2002-11-08 23:30:53 +00:00
mstoltz%netscape.com
291b95491f
Bug 168316 - When calling from Java into JS, add a "dummy" JS stack frame with
...
principal information for the security manager. r=dveditz, sr=jst, a=chofmann.
2002-10-30 03:15:59 +00:00
sspitzer%netscape.com
ea0876d123
fix for #168136 . r=mstoltz, sr=dveditz.
...
for pref controlled schemes, allow access if source scheme is chrome or res.
needed for the new "view filter log UI".
2002-09-12 20:27:07 +00:00
dougt%netscape.com
c5e8f896cd
166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com
2002-09-07 17:13:19 +00:00
jkeiser%netscape.com
1cc752dbaf
Make anonymous content inaccessible to web content (bug 164086), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-29 04:05:39 +00:00
bbaetz%student.usyd.edu.au
e6efe12743
Backing out jkeiser's checkin for bug 164086 (not bug 96537) because he
...
left a file out, and the tree turned red....
2002-08-28 10:13:28 +00:00
jkeiser%netscape.com
f9f5ddfac8
Make anonymous content inaccessible to web content (bug 96537), r=sicking@bigfoot.com, sr=jst@netscape.com
2002-08-28 08:19:43 +00:00
henry.jia%sun.com
a65ab30704
Fix bug 159889: replace the hardcode of "@mozilla.org/preferences;1" with NS_PREF_CONTRACTID
...
Patch by leon.zhang@sun.com
r=Henry, sr=alecf
2002-08-19 04:29:58 +00:00
seawood%netscape.com
8ae6c40f5d
Removing old nmake build makefiles. Bug #158528 r=pavlov
2002-08-10 07:55:43 +00:00
henry.jia%sun.com
d62393acda
5th patch for bug 158080
...
Description: replace the hardcode of @mozilla.org/embedcomp/window-watcher;1 with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 06:32:02 +00:00
sicking%bigfoot.com
b2160d158c
Use principals instead of URIs for same-origin checks.
...
b=159348, r=bz, sr=jst, a=asa
2002-07-30 21:26:32 +00:00
mstoltz%netscape.com
5bd0d2e2f1
Bug 154930 - If one page has explicitly set document.domain and another has not,
...
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
2002-07-09 00:10:02 +00:00
harishd%netscape.com
d3d63601cf
Disable script on the requested docshell and the containing docshells. b=154647, r=mstoltz, sr=jst
2002-07-02 23:26:08 +00:00
mstoltz%netscape.com
c55abc30d5
Bug 152725 - Get URL passed to cookie module from document principal, not document URL.
...
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
2002-07-02 17:58:24 +00:00
harishd%netscape.com
7be79a0d54
Backing out my checkin to see if it fixes the Txul breakage
2002-06-27 23:32:51 +00:00
harishd%netscape.com
eff7c1ce17
** checking in for mstoltz **
...
Disable scripts on the requested docshell and containing docshells. Also, made setCurrentURI() scriptable ( approved by Adam Lock ). b=154647, r=harishd, sr=jst
2002-06-27 20:58:42 +00:00
mstoltz%netscape.com
76d3ee501f
133170 - Need to re-check host for security on a redirect after a call to
...
XMLHttpRequest.open(). For xmlextras, r=heikki, sr=jband. For caps,
r=bzbarsky, sr=jst
147754 - Add same-origin check to XMLSerializer. Patch by jst. r=mstoltz,
sr=jband
113351 - Add same-origin check to XSL Include. Patch by peterv and jst,
r=mstoltz, sr=rpotts
135267 - Add same-origin check to stylesheets included via LINK tags.
r=dveditz, sr=scc
2002-06-14 23:54:18 +00:00
dougt%netscape.com
e96df2ad1b
Fixes mozilla/strings requiring unfrozen nsCRT class. patch by scc, r=dougt, sr=jag, b=136756
2002-05-15 18:55:21 +00:00
darin%netscape.com
f43dfb75ba
fixes bug 142870 "nsIFile should use UCS-2 instead of UTF-8"
...
r=dougt sr=alecf
2002-05-07 23:07:19 +00:00
ben%netscape.com
09cdc7f458
[Chrome FastLoad]
...
Ensure that principals are written as Compound Objects using |WriteCompoundObject|, not using |WriteObject|
r=mstoltz, sr=brendan
2002-05-03 03:00:46 +00:00
darin%netscape.com
1b1677bbe9
fixes bug 129279 "nsIFile unicode/utf8/ascii task"
...
r=dougt sr=alecf
2002-04-27 05:33:09 +00:00
mstoltz%netscape.com
1163f76b50
Bug 136993 - Put the "trusted codebase principals" feature back in.
...
r=harishd, sr=jst, a=valeski
2002-04-13 01:53:46 +00:00
darin%netscape.com
0de3da6d32
fixes bug 134546 "Memory leak in nsScriptSecurityManager::GetBaseURIScheme()"
...
patch=pj@ludd.luth.se , r=mstoltz, sr=darin, a=rjesup@wgate.com
2002-04-03 20:23:57 +00:00
mstoltz%netscape.com
310147212f
A bunch of fixes in caps:
...
128697 - Added a pref listener for changes to capability.policy prefs,
removed profile-change listener
131025 - Removed insecure "trusted codebase principals" feature
131340 - Make nsCodebasePrincipal::Equals handle jar URLs correctly
131342 - Clean up privilege-grant dialog code
128861 - class policy hashtables allocated only when needed; avoids
PLDHash memory-use warning
Fixed comparison of -1 and 80 ports (Can't find the bug # right now)
All r=harishd, sr=jst, a=asa.
2002-03-20 05:53:46 +00:00
timeless%mac.com
fc883176bf
Bug 106386 rid source of misspellings
...
r=db48x sr=blake a=asa
2002-03-19 04:30:17 +00:00
alecf%netscape.com
f4fdfbb122
fix bug 129635 - write a destructor for DomainPolicy so that the hashtable is destroyed
...
(and not leaked!)
r=mstoltz, sr=vidur, a=asa
2002-03-10 00:41:08 +00:00
rginda%netscape.com
6c79c65bef
Bug 129503, "IsCapabilityEnabled should return PR_TRUE if no script on stack"
...
sr=brendan, r=mstoltz, a=asa
If the js stack has no principals on it, return PR_TRUE from IsCapabilityEnabled
. Currently, the only time we'd have a stack devoid of principals is when all f
unctions are native. If this assumption changes, this may need to be revisited
(depending on what it would mean to be a compiled script without a principal.)
2002-03-08 02:20:55 +00:00
darin%netscape.com
026dda9f95
fixes bug 124042 "support internationalized URIs" r=dougt, sr=alecf, a=asa
2002-03-06 07:48:55 +00:00
jband%netscape.com
b103d141c4
remove stale DEBUG_jband block. rs=jband a=dbaron
2002-03-05 08:02:05 +00:00
mstoltz%netscape.com
5db3c92b53
Bug 127938 - chrome scripts should be exempt from the security check put in for
...
bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
2002-02-28 00:22:59 +00:00
mstoltz%netscape.com
c9cc21b1f1
partially backing out my last change - weird dependency problem
2002-02-26 05:28:26 +00:00
mstoltz%netscape.com
7b15894b8c
32571, present confirmation dialog before allowing scripts to close windows.
...
105050, pass null window.opener when opener is a mail window.
both r=heikki, sr=jst, a=asa.
Backed out previously because of tinderbox problem, which should be fixed now.
2002-02-26 04:50:21 +00:00
jst%netscape.com
f12221c4d5
Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com
2002-02-20 05:51:05 +00:00
cathleen%netscape.com
93709bacaa
eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan
2002-02-19 07:36:56 +00:00
mcafee%netscape.com
dbe661a6ae
Backing out mstoltz. r=dbaron,jrgm
2002-02-19 04:06:53 +00:00
mstoltz%netscape.com
7446e86422
Bug 105050 - return null window.opener to scripts if opener is a mail window.
...
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.
2002-02-19 01:09:45 +00:00
mkaply%us.ibm.com
476bcbf436
OS/2 bustage - callback needs to be in header
2002-02-13 13:30:06 +00:00
mstoltz%netscape.com
13c8dad931
Bug 119646 - Rewrite of the security manager policy database for improved
...
performance. r=jst, sr=jband.
2002-02-13 04:20:46 +00:00
alecf%netscape.com
634e2f6f0c
one more part of fix for bug 107575, including the much coveted whitespace
...
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver
2002-02-01 01:53:09 +00:00
sfraser%netscape.com
d285f8f560
Making the nsModuleComponentInfo data const; bug 74803. r=dp, sr=waterson
2002-01-30 21:14:20 +00:00
seawood%netscape.com
874c54280c
Landing the rest of the win32 gmake changes:
...
* Adds Makefile.ins to win32 specific dirs
* Adds WINNT ifdefs to Makefile.ins
* Causes NSPR to be compiled with --with-mozilla
* Misc general Makefile.in cleanup
Bug #58981 r=mcafee
2001-12-18 09:14:29 +00:00
jaggernaut%netscape.com
6ab111155d
Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf
2001-12-16 11:58:03 +00:00
mstoltz%netscape.com
45defae20a
Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst.
2001-12-12 04:43:35 +00:00
ccarlen%netscape.com
b4f1e83674
Bug 98349 - Convert Mac build to CW7 and XML projects. Removing obsolete .mcp files. r=pink/sr=sfraser
2001-12-11 04:54:47 +00:00
ccarlen%netscape.com
2d15ad27bc
Adding new files for conversion to CW7 and XML project files. Bug 98349 r=pink/sr=sfraser.
2001-12-10 20:25:12 +00:00
mstoltz%netscape.com
ed6ab111b7
Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds.
...
Moved #endif to exclude important call. r/sr=jst.
2001-11-27 00:29:20 +00:00
jband%netscape.com
f92134404a
trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband
2001-11-22 23:26:34 +00:00
peterv%netscape.com
35a301d30e
Fixing mac debug bustage. Patch suggested by jst, sr=jst.
2001-11-16 10:50:33 +00:00
mstoltz%netscape.com
144ebd46ff
Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess
...
callback to enforce the same-origin policy on function.caller.
2001-11-16 06:17:24 +00:00
dbaron%fas.harvard.edu
261f76a8ba
Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052
2001-11-07 06:24:10 +00:00
seawood%netscape.com
c79715ed1b
Backing out fix for remote mach-o builds as it left mach-o builds fragile.
...
Add TK_CFLAGS back to default CFLAGS/CXXFLAGS.
Bug #107696
2001-11-03 03:29:05 +00:00
seawood%netscape.com
6daf60f372
Since '-framework Carbon' causes binaries to require console access to run, do not link using that flag by default. Otherwise, remote builds & non-console tinderboxes will break. Mac OSX Mach-O only.
...
Bug #107696 r=mozbot
2001-11-01 00:54:48 +00:00
mstoltz%netscape.com
fd8c486c4a
bug 106535, adding the ability to enable codebase principals for a single host
...
instead of for all hosts. r=vidur, sr=jst.
2001-10-26 23:00:48 +00:00
jaggernaut%netscape.com
39857aa5c7
Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc
2001-10-25 06:13:52 +00:00
bnesse%netscape.com
5d3ba9e8a4
Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf.
2001-10-22 20:54:48 +00:00
dougt%netscape.com
da7e1268bd
nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163
2001-10-19 20:52:59 +00:00
bzbarsky%mit.edu
c578c92399
Make CAPS correctly observe changes to capability.policy prefs. Needed
...
for having UI for these suckers. Bug 101150, r=mstoltz,sr=jst
2001-10-02 21:56:51 +00:00
jaggernaut%netscape.com
fdc4078bc4
Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc
2001-09-29 08:28:41 +00:00
gerv%gerv.net
2cab766559
License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/.
2001-09-25 01:03:58 +00:00
gerv%gerv.net
2a80f3fea9
Oops.
2001-09-20 00:02:59 +00:00
scc%mozilla.org
63e86dc84f
bug #98089 : ripped new license
2001-09-19 20:09:47 +00:00
jaggernaut%netscape.com
e25262c61f
One module per line for REQUIRES. r=/sr=alecf
2001-09-18 22:01:13 +00:00
jaggernaut%netscape.com
3826eb9902
Bug 73353: splitting the modules on the REQUIRES lines in Makefile.in across multiple lines to more clearly show the changes made. sr=alecf
2001-09-18 13:41:47 +00:00
alecf%netscape.com
e5cc5abd22
Add REQUIRES to many modules for win32 support, bug 98372 r=cls
2001-09-12 20:32:40 +00:00
jband%netscape.com
a5cb743964
attempt to fix HP-UX and and some other Unix bustages. r=cls
2001-08-29 07:24:39 +00:00
mstoltz%netscape.com
cf70c6ad6d
bug 86799, adding support for wildcard security policies of the form
...
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.
2001-08-29 02:05:48 +00:00
dbaron%fas.harvard.edu
716f9f4695
Replace uses of deprecated NS_IMPL_ISUPPORTS and NS_IMPL_QUERYINTERFACE macros with NS_IMPL_{ISUPPORTS,QUERYINTERFACE}{1,0}. r=jag rs=brendan b=45797
2001-08-21 01:48:11 +00:00
sfraser%netscape.com
c94cd95c3c
Project cleanup, rs=scc. Don't link with OJI, which is a component.
2001-08-15 23:09:21 +00:00
cls%seawood.org
8405a1984e
Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions.
...
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org
2001-08-14 07:59:59 +00:00
mstoltz%netscape.com
70f0d46fbc
86984 - make history.length sameOrigin-accessible. Security prefs change.
...
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst
2001-08-14 00:18:58 +00:00
brendan%mozilla.org
138a297e1f
Shrink principals struct back to where it was last week -- but it could go further (93043, r=shaver, sr=jst).
2001-08-09 01:15:57 +00:00
brendan%mozilla.org
1fc1c5e630
I'm such a C luddite.
2001-08-07 04:45:27 +00:00
brendan%mozilla.org
01289b3afb
Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst).
2001-08-07 03:59:29 +00:00
mstoltz%netscape.com
d3319276da
82495 - Support for the view-source protocol in CheckLoadURI
...
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt
2001-08-02 20:32:48 +00:00
brendan%mozilla.org
8c7c819206
FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver.
2001-07-31 19:05:34 +00:00
jaggernaut%netscape.com
c14d9c09a1
Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa
2001-07-25 07:54:28 +00:00
jaggernaut%netscape.com
4d73a251ab
Bug 73353: clean up the REQUIRES lines in Makefiles.
2001-07-23 22:36:12 +00:00
dbaron%fas.harvard.edu
bf82abfd11
Header include dependency cleanup. b=64023 r=jag rs=brendan
2001-07-16 02:40:48 +00:00
mstoltz%netscape.com
50f00fbc78
Bug 77485 - defining a function in another window using a targeted javascript:
...
link. Prevent running javascript: urls cross-domain and add a security check for adding
and removing properties. r=harishd, sr=jst.
2001-07-13 07:08:26 +00:00
jaggernaut%netscape.com
03ab87e4a1
Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc.
...
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.
nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)
2001-06-30 11:02:25 +00:00
mstoltz%netscape.com
0f456dda65
86019 - Change stack-walking code in caps to keep functions from inheriting privileges
...
from their caller. r=jesse@netscape.com , sr=jst@netscape.com , a=asa@mozilla.org , PDT+
86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com
84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com , sr=sfraser@netscape.com , a=asa@mozilla.org
2001-06-22 02:08:10 +00:00
waterson%netscape.com
0877b1a573
Land STATIC_BUILD_20010612_BRANCH, which supports building mozilla with components statically linked into the executable, as well as 'meta modules' that combine components into uber-DLLs.
2001-06-20 20:21:49 +00:00
dbaron%fas.harvard.edu
688519fb0c
Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa
2001-06-20 03:27:48 +00:00
scc%mozilla.org
2e8b3e9481
bug #85271 : sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process.
2001-06-17 05:23:38 +00:00
mstoltz%netscape.com
00ba04ac0e
bug 77485 - exploit inserting a function into another window using targeted
...
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.
2001-05-30 02:22:22 +00:00
ddrinan%netscape.com
a86397a93a
PCKS7 implementation for signed JS. Bug# 82227 r=mstoltz@netscape.com,sr=blizzard@mozilla.org,a=blizzard@mozilla.org
2001-05-23 22:06:43 +00:00
mstoltz%netscape.com
edf3f8a6e9
Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst.
2001-05-19 00:33:51 +00:00
blizzard%redhat.com
e1e5c32a99
Back out mstoltz because of blocker bug #81629 . Original bugs were 47905 79775.
2001-05-18 17:41:23 +00:00
mstoltz%netscape.com
201736a175
Bug 47905 - adding security check for XMLHttpRequest.open.
...
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com , sr=jst@netscape.com
Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com , sr=jst@netscape.com
2001-05-18 06:56:29 +00:00
mstoltz%netscape.com
822c76926e
Fixing bug 78831 - treat chrome and resource URLs the same in the
...
URL loading check and give them access to each other. r=pavlov,
sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.
2001-05-15 22:47:21 +00:00
mstoltz%netscape.com
cbe1b93f17
*** empty log message ***
2001-05-15 06:43:12 +00:00
mstoltz%netscape.com
a2efeb43e7
bug 79445, fixing crash with some event handlers (null pointer dereference)
...
r/sr=brendan@mozilla.org . Also fixed a typo in prefs that would have reopened
bug 56009.
2001-05-15 04:44:54 +00:00
mstoltz%netscape.com
f2b3d870ba
bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan.
2001-05-11 00:53:21 +00:00
mstoltz%netscape.com
d0f2b845b9
Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,
...
sr=brendan@mozilla.org
2001-05-11 00:43:27 +00:00
dmose%netscape.com
d9fefe861d
more REQUIRES bustage fixing for senna; unicharutil dependency has been introduced because caps wants nsIDocShell which wants nsIPresContext
2001-05-10 18:48:46 +00:00
jst%netscape.com
61f5b1d1a1
Temporary workaround for the composer and other related problems caused by security manager problems, change by mstoltz@netscape.com, r=jst@netscape.com
2001-05-09 02:53:46 +00:00
jst%netscape.com
adf1d8320a
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
ccarlen%netscape.com
df1a6e78a8
Bug 78745 - nsIPromptService::ConfirmEx needs to be more flexible. r=valeski, sr=sfraser
2001-05-06 15:03:55 +00:00
kandrot%netscape.com
d5bd552195
Check in for Ron Guilmette. r=shaver, sr=waterson. For intl r=nhotta. Changes for NS_IMPL_NSGETMODULE. bug #46775 .
2001-05-05 05:33:37 +00:00
mkaply%us.ibm.com
1e48cea7cc
#76913
...
r=mstoltz, sr=brendan
Fix some calling convention - PR_ to JS_
2001-05-02 00:02:59 +00:00
cls%seawood.org
25c6dc1c7e
Set EXPORT_LIBRARY=1 in all pertinent Makefile.ins. Allows us to build the final link list as we traverse the tree. Bug #46775
2001-04-28 19:48:12 +00:00
valeski%netscape.com
9e8d80d70f
mozilla diffs r=tao, sr=alecf, commercial diffs r=syd, sr=syd/shaver. lower-casing JS calls to createBundle. removing un-used nsILocale param from nsIStringBundle::CreateBundle(). 76332
2001-04-27 21:30:24 +00:00
sfraser%netscape.com
5e35cbdbc0
Backing out valeski
2001-04-27 05:53:22 +00:00
valeski%netscape.com
def10e77f9
mozilla tree r=tao, sr=alecf. commercial tree r=syd, sr=syd/shaver. lowercasing the first char in JS method calls to createBundle. removing the dead locale parameter in the CreateBundle() method call. 76332
2001-04-27 04:16:22 +00:00
bnesse%netscape.com
19dccef1bc
Prefs API refactoring. Bug #46863 . r=valeski, sr=alecf.
2001-04-26 18:41:11 +00:00
ccarlen%netscape.com
fad24de4ee
Bug 46859 - Remove UniversalDialog. r=valeski/sr=rpotts,sfraser/a=blizzard
2001-04-21 00:26:18 +00:00
bryner%uiuc.edu
cbc8cea88c
Backing out bnesse's fix for bug 46863 due to numerous types of runtime bustage on linux and windows. a=brendan.
2001-04-20 06:45:56 +00:00
bnesse%netscape.com
6a048b1a8f
Landing PrefAPI refactoring bug 46863. r=valeski, sr=alecf, a=blizzard.
2001-04-19 22:21:39 +00:00
mstoltz%netscape.com
c302defdcd
More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538).
...
r=beard, sr=hyatt
2001-04-17 01:21:44 +00:00
dbaron%fas.harvard.edu
1f23f5941d
Fix leaks of global objects. b=76091 r=mstoltz@netscape.com sr=hyatt@netscape.com
2001-04-17 00:12:28 +00:00
shaver%mozilla.org
e2dc3d6d88
75152: Remove GetVersionNumber stub in favour of upcoming, less-invasive
...
preloader strategy. r=jag, sr=attinasi.
2001-04-11 14:23:13 +00:00
disttsc%bart.nl
748e1ece2f
Clean up MODULE/REQUIRES, bug=73353, r=cls
2001-04-08 08:33:11 +00:00
dbaron%fas.harvard.edu
60d5b49964
Fix MOZ_TRACK_MODULE_DEPS (senna tinderbox) bustage by adding new header file dependencies to REQUIRES.
2001-04-07 04:29:01 +00:00
danm%netscape.com
378b2f48b9
removing use of nsNetSupportDialog. bug 72112 continued. r=hyatt,morse,mstoltz,various
2001-04-07 03:33:56 +00:00
dprice%netscape.com
3e31ab9946
65845 - new order files
2001-04-05 06:02:32 +00:00
rickg%netscape.com
c1ce80ae83
preloader update. r=peterl, sr=attinasi
2001-04-03 22:58:59 +00:00
disttsc%bart.nl
96f5f6cf31
Add "gfx2" and "imglib2" to REQUIRES lines in Makefile.in for MOZ_TRACK_MODULE_DEPS builds (e.g. senna)
2001-03-30 10:39:06 +00:00
disttsc%bart.nl
812a462213
Fix MOZ_TRACK_MODULE_DEPS bustage
2001-03-23 08:44:39 +00:00
disttsc%bart.nl
9149e8b0b4
Fix MOZ_TRACK_MODULE_DEPS bustage.
2001-03-23 08:16:59 +00:00
mstoltz%netscape.com
b26a1f0451
Bugs 55069, 70951 - JS-blocking APIs for mailnews and embedding. r=mscott, sr=attinasi.
...
Bug 54237 - fix for event-capture bug, r=heikki, sr=jband.
2001-03-23 04:22:56 +00:00
blakeross%telocity.com
de8b54d4c3
Fix 49334: gopher support, minor restructuring of directory viewer. necko: r=darin,dougt sr=rpotts other: r=waterson,mstoltz,jag sr=alecf
...
Fix 70404: assertions or datetime and finger. r=dougt, sr=rpotts
Both patches by Bradley Baetz (bbaetz@cs.mcgill.ca )
2001-03-14 02:42:39 +00:00
dprice%netscape.com
1b42d68e45
71057 sr=waterson new order files. NOT PART OF THE REGULAR BUILD
2001-03-13 10:47:37 +00:00
valeski%netscape.com
a8e9bc5bd5
sr=rpotts, r=gagan. 70743. switching over to new extensible URI::SchemeIs() api
2001-03-13 02:02:05 +00:00
suresh%netscape.com
b02946cae2
Adding aim protocol to the list. No Specific bug number. r=syd. sr=mstoltz
2001-03-07 05:58:45 +00:00
beard%netscape.com
4122626e4f
Switch from NS_STATIC_CAST to NS_REINTERPRET_CAST to fix bustage on Mac. r=mstoltz
2001-03-02 01:13:35 +00:00
mstoltz%netscape.com
6672d1a27a
bug 47905, adding security check to XMLHttpRequest.open(). r=heikki, sr=brendan
2001-03-02 00:09:20 +00:00
dprice%netscape.com
5184a7104b
# 65845 sr=waterson, new order files will greatly reduce the number of link warnings.
2001-02-27 04:38:19 +00:00
mstoltz%netscape.com
407dac60d8
bug 63451 - moved signature verification functions from nsIZipReader to nsIJAR. r=sgehani, sr=shaver
2001-02-23 00:15:04 +00:00
disttsc%bart.nl
744785129a
Mass REQUIRES update to synch up with string lib and xul changes in an attempt to fix senna bustage. r=jst, sr=cls
2001-02-22 09:35:51 +00:00
mstoltz%netscape.com
8720e0c142
Bug 66331, nsCodebasePrincipal::GetOrigin needs to specify the port
...
if nonstnandard. Fixes a bug in LiveConnect. r=dougt, sr=jband.
2001-02-14 00:27:34 +00:00
dprice%netscape.com
343dcec924
65845 First cut of the order files
2001-02-13 02:34:59 +00:00
beard%netscape.com
234eb9d4b5
fix for bug #63466 , r=mstoltz, sr=brendan, a=leaf
2001-02-12 07:47:28 +00:00
gagan%netscape.com
cded3e2f30
Optimization for scheme comparison of URIs. See bug 66577 for details. r=darin, sr=brendan@mozilla.org
2001-01-31 01:33:03 +00:00
mstoltz%netscape.com
d1ff4c4a38
Bug 66369, adding support for per-file permissions granting to caps. r=jst, sr=jband.
2001-01-27 01:42:20 +00:00
bryner%uiuc.edu
3c4d17f118
Removing .cvsignore file so this directory will go away. Not part of build.
2000-12-28 21:08:29 +00:00
jband%netscape.com
e383c347e4
fix bug 55506. If seman was initialized too early then it was failing to register its nameset. This happened on first run when JS Component Loader would use the secman. The result was that all calls to the security manager via JavaScript would fail for that session. This fixes that by continuing to try to register the nameset until it actually succeeds. r=mstoltz a=brendan
2000-11-30 05:32:08 +00:00
cls%seawood.org
8bd122b3d5
Resurrect REQUIRES so that we have some sort of means to track intermodule dependencies. Bug #59454 r=blizzard@mozilla.org
2000-11-20 07:16:06 +00:00
dbaron%fas.harvard.edu
d932c515d5
Make nsDestroyJSPrincipals stop confusing the leak stats by calling AddRef, but not when the refcount is 0. r=mstoltz@netscape.com sr=brendan@mozilla.org b=59135
2000-11-08 03:06:57 +00:00
mstoltz%netscape.com
3161a54c16
Fixing bugscape 3109, LiveConnect exploit. sr=jband, brendan.
...
Fixing 58021, exploit in "open in new window," bug 55237. sr=brendan
2000-11-07 01:14:08 +00:00
mstoltz%netscape.com
0caa769ac2
Bug 57937, signed frames denied access to unsigned frames. r=mccabe, sr=brendan
2000-10-30 20:05:07 +00:00
warren%netscape.com
4189314fdb
Bug 47207. Backing out logging/PRINTF changes until we can fix stopwatch.h, introduce double parens, etc.
2000-10-28 22:17:53 +00:00
warren%netscape.com
6e35f97e31
Bug 47207. Changing printf to PRINTF to use new logging facility. r=valeski,sr=waterson
2000-10-27 22:43:51 +00:00
mscott%netscape.com
4b5a54deb0
Bug #48403 --> don't allow JS running in a mailnews sand box to change the name of it's containing iframe.
...
this code was contributed by mstoltz.
r=beard, sr=mscott
2000-10-24 00:52:02 +00:00
pollmann%netscape.com
87208694ab
Bug 13871: Prevent frameset spoofing r=mstoltz, sr=mscott, a=rpotts
2000-10-19 10:25:49 +00:00
mstoltz%netscape.com
99a2b79580
Fixing 56009, exploit allowing XPConnect access. r,a=hyatt, sr=scc
2000-10-13 22:59:47 +00:00
mstoltz%netscape.com
940c5078d1
Fixing 52497, security problem in document.implementation, r=jst a=brendan
2000-09-20 23:38:28 +00:00
warren%netscape.com
075350b1c8
Landing jar packaging from jar_restructuring_branch. r=hyatt,dprice,sfraser,dveditz,vishy,sgehani
2000-09-20 19:35:24 +00:00
jband%netscape.com
c53517dae2
fix memory corruption bug 52382. r=mstoltz
2000-09-14 08:48:53 +00:00
rayw%netscape.com
6cc70ebd6c
Bug 37275, Changing value of all progids, and changing everywhere a progid
...
is mentioned to mention a contractid, including in identifiers.
r=warren
2000-09-13 23:57:52 +00:00
jdunn%netscape.com
3ebb4117a1
Fix warning which requires a return value from functions
...
r= brendan@mozilla.org scc@mozilla.org
#= 52254
2000-09-13 11:29:18 +00:00
mstoltz%netscape.com
397dd0a60e
bug 44147, caps grant dialog now being created from DOMWindow->GetPrompter instead of nsIPrompt service. r=dbragg
2000-09-09 00:53:21 +00:00
mstoltz%netscape.com
586719c321
bug 50304, adding "static" to security policy struct, should save some memory and time. r=rogerl
2000-09-07 19:03:23 +00:00
scc%mozilla.org
5e20db47e1
more GCC fixes
2000-09-03 06:41:18 +00:00
jtaylor%netscape.com
c872b76899
Not part of build. Adding security regression test suite driver (mozDriver).
2000-08-29 21:50:56 +00:00
dp%netscape.com
6131f92863
bug#49786 Caching frequently used progid: nsThreadJSContextStack r=waterson
2000-08-22 06:02:14 +00:00
mstoltz%netscape.com
88846ce93b
Fixing 41876 r=hyatt, also 48724, 49768, and crasher in nsBasePrincipal.cpp, r=jtaylor
2000-08-22 02:06:52 +00:00
warren%netscape.com
930a05de5a
Fix for hash code performance problem discovered by bienvenu. 'Sampling' hash code was statistically evil.
2000-08-20 21:29:10 +00:00
shaver%mozilla.org
ef25ecf277
Fix 47354 and 39975 by providing a system-privileged scope backstop for
...
JS Components, and teaching the ScriptSecurityManager to check for
XPC-wrapped native objects in the scope chain when looking for an
object's principal. r=jband/a=brendan
2000-08-16 04:01:02 +00:00
dougt%netscape.com
7934ec7c51
Changing the nsDirectoryService define. This should have been done with the rest of the nsDirectorySerivce changes. r=conrad.
2000-08-14 22:38:27 +00:00
jtaylor%netscape.com
7fffe0e83e
Fixes bug #45877 . r=mstoltz.
2000-08-11 03:11:24 +00:00
warren%netscape.com
4af572e4c1
Bug 46711. Removed nsAutoString travisty from nsStringKey. Introduced nsCStringKey. Made them both share the underlying string when possible. r=waterson
2000-08-10 06:19:37 +00:00
jband%netscape.com
02b25f73f7
fix bug 47410. Allow JS components to implement nsISecurityCheckedComponent and have sidebar componnet implement it to allow access from untrusted scripts. a=brendan@mozilla.org a=johng@netscape.com
2000-08-08 23:59:32 +00:00
warren%netscape.com
4967b0a7cc
Getting jar files in shape. Mostly works on unix, status bar missing (not in build yet).
2000-08-02 06:48:45 +00:00
mstoltz%netscape.com
86eadd802e
Fixing 40159, nasty infinite recursion on startup. r&a=beard
2000-07-26 04:53:01 +00:00
mstoltz%netscape.com
3706de2b9a
fix for 42387, r=dveditz
2000-07-20 01:16:15 +00:00
mstoltz%netscape.com
4d0c283076
Fixing 40159 and 44822, both [nsbeta2+] regressions on signed scripts. r=sgehani
2000-07-12 03:10:33 +00:00
cls%seawood.org
062c8bd937
Start tedious process of removing obsolete mozilla/include files from build. This patch should take us down to 19 of 101. Bug #38061
2000-07-10 07:13:31 +00:00
mstoltz%netscape.com
0b9feb28b2
DOM properties default to same origin access only. Bug 28443. r=rginda
2000-07-05 19:08:20 +00:00
dcone%netscape.com
8591431bbb
Added the IDL file for Vidur.
2000-06-23 15:22:38 +00:00
vidur%netscape.com
b22731f07d
Checking in for mccabe, since he had to leave town. Partial fix for bug 41429. Adding a new interface that components can implement to control the capabilities needed for XPConnect access to them - default is UniversalXPConnect. r=vidur
2000-06-23 14:32:38 +00:00
joki%netscape.com
ac67aba0ee
Part of fix for 38117, prevent scripts from running event handlers on windows from other domains. r:mstoltz
2000-06-21 00:21:50 +00:00
mstoltz%netscape.com
7cae8bc0cc
Dogfood bug 42076 - allowing file:// urls to load chrome:// URLs. r=evaughan.
2000-06-16 22:22:38 +00:00
warren%netscape.com
958ed96edd
Renaming nsIAllocator to nsIMemory (and nsAllocator to nsMemory). API cleanup/freeze. Bug #18433
2000-06-03 09:46:12 +00:00
mstoltz%netscape.com
05de905adb
On Mac, we should look for systemSignature.jar in Essential FIles, not the bin directory. Bug 40468, r=sgehani, a=clayton.
2000-06-02 22:22:11 +00:00
mstoltz%netscape.com
ab8668d6b4
Fix for 16858 w/o breaking directory browser. r=waterson a=beard
2000-06-01 23:57:48 +00:00
mstoltz%netscape.com
c54ae2cb3c
Fixed bug in DOM security checks, fixes bug 37907, 23516. Added security check for htmlelement.innerhtml, fixes 39083. Added location check to BASE HREF=, fixes 35859. r=vidur. Added check to style= tag, fixes 16858, r=pierre.
2000-05-26 23:28:40 +00:00
cls%seawood.org
1165ad3a33
Mass replace of -lmozjs with $(MOZ_JS_LIBS) needed for OS/2 and consistency.
2000-05-17 06:45:45 +00:00
mstoltz%netscape.com
5e94ace8c8
Allow scripting of plugins by untrusted web scripts. Bug 36375.
2000-05-17 02:38:22 +00:00
mstoltz%netscape.com
3ec39eeed8
Removing archive attribute from nsCertificatePrincipal. This will not be used.
2000-05-16 22:37:38 +00:00
mstoltz%netscape.com
1da9a8a070
Fixing bustage in nsCertificatePrincipal.cpp
2000-05-16 04:15:56 +00:00
mstoltz%netscape.com
ecc9b44676
Fixes for 32878, 37739. Added PR_CALLBACK macros. Changed security.principal pref syntax to a nicer syntax. Removed "security.checkxpconnect" hack.
2000-05-16 03:40:51 +00:00
danm%netscape.com
6028ba8bff
correct typo in last checkin
2000-05-14 10:38:48 +00:00
danm%netscape.com
ed11c187c4
new chrome hierarchy
2000-05-14 10:37:30 +00:00
danm%netscape.com
e6b9efbec5
top-level chrome dirs are now packages,locales,skins
2000-05-13 21:29:08 +00:00
scc%netscape.com
d11c66a210
string backsliding. r=mjudge
2000-05-12 07:53:02 +00:00
mstoltz%netscape.com
bf6b5666ee
added files: mozilla/caps/idl/nsISignatureVerifier.idl
2000-05-10 01:50:00 +00:00
mstoltz%netscape.com
0f88b44d07
Removed dependency of libjar on psm-glue, bug 36853. Fixed out parameter type problem in PSMComponent::HashEnd
2000-05-10 01:49:33 +00:00