Luke Wagner
|
99411cc93d
|
Bug 549143 - fatvals
|
2010-07-14 23:19:36 -07:00 |
|
Dan Witte
|
1ac90420f6
|
Bug 564048 - Nix security checks in nsPrefBranch. r=sicking, sr=jst
|
2010-06-08 16:43:54 -07:00 |
|
Peter Van der Beken
|
3fcb7546e7
|
Fix for bug 560199 (Link XPConnect and caps into layout). r=jst.
--HG--
extra : rebase_source : 5141822e9d560019ffc1e0cb0264782aa8aa7a99
|
2010-04-11 15:55:24 +02:00 |
|
Sid Stamm
|
47a3291b46
|
bug 515443 CSP no-eval support. r=mrbkap,brendan
|
2010-03-08 00:24:50 -08:00 |
|
Jonas Sicking
|
6f2368d0b0
|
Bug 543696: Remove unused nsIScriptSecurityManager::CheckConnect. r/sr=mrbkap
|
2010-02-02 02:29:15 -08:00 |
|
Sid Stamm
|
f2278605c1
|
Bug 515437 CSP connection code, r=jst,dveditz sr=jst
|
2010-01-22 13:38:21 -08:00 |
|
Daniel Veditz
|
0e538279e0
|
Backed out changeset a6ce37b09cf5 because of possible Tp4 perf hit
|
2010-01-14 17:19:11 -08:00 |
|
Sid Stamm ext:(%2C%20Brandon%20Sterne%20%3Cbsterne%40mozilla.com%3E)
|
56ceec2c4c
|
bug 515433, bug 515437: Content Security Policy (CSP) core
|
2010-01-13 14:18:24 -08:00 |
|
Blake Kaplan
|
79a79a0e55
|
Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz
|
2009-08-21 18:20:20 -07:00 |
|
Blake Kaplan
|
3f98edd6fe
|
Bug 502959 - Restore code to make caps allow wrapping same-origin wrappedjs objects. r=jst sr=bzbarsky
|
2009-08-06 20:26:33 -07:00 |
|
Blake Kaplan
|
4f88c00c6c
|
Bug 493074 - Compute fewer things to try to clear up a performance regression. r+sr=jst
|
2009-05-14 15:17:56 -07:00 |
|
Blake Kaplan
|
3bab9bf56c
|
Bug 483672 - Give regular JS objects that have been reflected into C++ a security policy that follows the same-origin model. Also teach caps about "same origin" for these cases. r=jst sr=bzbarsky
|
2009-05-13 15:01:01 -07:00 |
|
Mook
|
9ad88404f5
|
Bug 472032 - [win64] sizeof(long) != sizeof(void*) assertion in nsScriptSecurityManager.cpp; changed SecurityLevel to use PRWord, clarified assertion on the protected code; r+sr=dveditz
|
2009-02-26 18:31:17 +01:00 |
|
Dan Mosedale
|
56f33790dd
|
Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky
|
2009-02-17 20:32:57 -08:00 |
|
Daniel Holbert
|
2a7d88e05a
|
Bug 473236 - Remove executable bit from files that don't need it. (Only changes file mode -- no code changes.) r=bsmedberg
|
2009-01-21 22:55:08 -08:00 |
|
Igor Bukanov
|
59702db0da
|
Bug 459656 - Implementing nsIThreadJSContextStack in nsXPConnect. r+sr=mrbkap
|
2008-10-14 16:16:25 +02:00 |
|
Arpad Borsos
|
8b11d938d2
|
Bug 456388 - Remove PR_STATIC_CALLBACK and PR_CALLBACK(_DECL) from the tree; r+sr=brendan
|
2008-10-10 17:04:34 +02:00 |
|
Ben Newman
|
fdede899e6
|
Bug 454850. Make sure that whenever nsPrincipal::Equals would return true for a pair of principals their nsPrincipal::GetHashValue returns are also equal. r+sr=bzbarsky
|
2008-10-08 09:16:27 -04:00 |
|
Arpad Borsos
|
9b6f558fee
|
Bug 398946 - Remove JS_STATIC_DLL_CALLBACK and JS_DLL_CALLBACK from the tree; r=(benjamin + bent.mozilla)
|
2008-09-07 00:21:43 +02:00 |
|
jonas@sicking.cc
|
2558cdb12f
|
Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it
|
2008-04-18 10:35:55 -07:00 |
|
jonas@sicking.cc
|
9b874a6992
|
Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz
|
2008-04-08 17:38:12 -07:00 |
|
jst@mozilla.org
|
14b80d26bc
|
Landing followup fix for bug 402983 and re-enabling the new stricter file URI security policies. r+sr=bzbarsky@mit.edu
|
2008-03-22 09:50:47 -07:00 |
|
jst@mozilla.org
|
89acfcbf1a
|
Landing fix for bug 402983. Make security checks on file:// URIs symmetric. Patch by dveditz@cruzio.com, r=jonas@sicking.cc,bzbarsky@mit.edu. jst@mozilla.org
|
2008-03-20 21:39:08 -07:00 |
|
jonas@sicking.cc
|
21fb00611b
|
Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz
|
2008-03-18 17:27:56 -07:00 |
|
bzbarsky@mit.edu
|
5383803699
|
Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst
|
2008-03-18 14:14:49 -07:00 |
|
jonas@sicking.cc
|
65f4571f58
|
Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv
|
2008-02-26 19:45:29 -08:00 |
|
myk@mozilla.org
|
b5e898ddd7
|
backing out fix for bug 416534 as potential cause of mochitest failure
|
2008-02-26 19:23:36 -08:00 |
|
jonas@sicking.cc
|
84548acb75
|
Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv
|
2008-02-26 18:17:49 -08:00 |
|
jst@mozilla.org
|
6ecbc04940
|
Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org
|
2008-01-29 12:51:01 -08:00 |
|
benjamin@smedbergs.us
|
dfc4cee45d
|
Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep
|
2008-01-15 07:50:57 -08:00 |
|
jst@mozilla.org
|
17c85fe694
|
Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org
|
2007-12-12 15:02:25 -08:00 |
|
bzbarsky@mit.edu
|
f213fb7ef5
|
Somewhat reduce the amount of memory an nsPrincipal allocates in the common case. Bug 397733, r+sr+a=jst
|
2007-09-28 07:31:04 -07:00 |
|
bzbarsky@mit.edu
|
8ff844ab55
|
Make the nsISerializable implementation of nsPrincipal actually work. This makes it possible to save principal objects to a stream and read them back. Bug 369566, r=dveditz+brendan, sr=jst, a=jst
|
2007-09-17 15:18:28 -07:00 |
|
dveditz@cruzio.com
|
8877000696
|
bugs 230606 and 209234: add options to restrict file: URI same-origin policies, r+sr=jst, blocking+=pavlov
|
2007-09-06 00:02:57 -07:00 |
|
jwalden@mit.edu
|
e3c4baccae
|
Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros.
|
2007-07-08 00:08:04 -07:00 |
|
bzbarsky@mit.edu
|
5289e91a54
|
Optimize immutability of codebase/domain a little bit. Bug 380475, r=dveditz, sr=biesi
|
2007-06-18 08:07:02 -07:00 |
|
benjamin@smedbergs.us
|
2e25a321f8
|
Bug 376636 - Building with gcc 4.3 and -pendatic fails due to extra semicolons, patch by Art Haas <ahaas@airmail.net>, rs=me
|
2007-04-23 07:21:53 -07:00 |
|
dbaron@dbaron.org
|
a7d9802f77
|
Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg
|
2007-03-27 08:34:59 -07:00 |
|
dbaron@dbaron.org
|
85eb65ced4
|
Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg
|
2007-03-27 08:33:38 -07:00 |
|
hg@mozilla.com
|
465265d0d4
|
Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT,
|
2007-03-22 10:30:00 -07:00 |
|