Bill McCloskey
411974faf9
Bug 1123461 - Make a real interface for js/ipc (r=dvander)
2015-01-26 13:32:18 -08:00
Bill McCloskey
204e02f724
Bug 1092446 - [e10s] Allow unprivileged scopes to call content-to-chrome CPOWs (r=bholley)
2014-11-04 17:38:19 -08:00
Carsten "Tomcat" Book
f94c96cce1
Backed out changeset 2dbf8f6bd2aa (bug 1092446) for suspicion of adding a hazard
2014-11-05 10:04:08 +01:00
Bill McCloskey
edd6c20e5b
Bug 1092446 - [e10s] Allow unprivileged scopes to call content-to-chrome CPOWs (r=bholley)
2014-11-04 17:38:19 -08:00
Bobby Holley
bd7f40a7db
Bug 1081985 - Remove prototype remapping and make COWs simple. r=gabor
...
\o/
2014-10-20 15:52:53 +02:00
Bobby Holley
e355eafe03
Bug 1081990 - Turn off COWs for Functions. r=gabor
2014-10-18 11:02:10 +02:00
Bobby Holley
88d4cad9dc
Bug 1083060 - Only use the XOW policy for Window and Location. r=bz
2014-10-17 16:17:03 +02:00
Bobby Holley
5f0331ad23
Bug 1065186 - Drop support for exposing privileged arrays to untrusted content. r=gabor
2014-10-16 14:12:37 +02:00
Bobby Holley
5d3c893ed4
Bug 1074863 - Handle named constructors which have DOMXrayTraits while being simultaneously JSProto_Function. r=peterv
...
Simple fix, but interesting test case and worth having on CI.
2014-10-02 11:06:03 +02:00
Bobby Holley
8dae0fc8ce
Bug 1070696 - Rename xpc::GetNativeForGlobal to xpc::NativeGlobal and make it accept non-global JSObjects. r=smaug
...
The method is infallible, and making the callers invoke
js::GetGlobalForObjectCrossCompartment manually is dumb.
2014-09-21 21:31:53 +02:00
Bobby Holley
74a1df53db
Bug 1060521 - Remove infrastructure for Xrayed NewResolve, GetProperty, and SetProperty on XPCWrappedNatives. r=peterv
2014-09-15 14:13:02 +02:00
Bobby Holley
9202777ccf
Bug 1064437 - Remove Proxy special-case in ForceCOWBehavior. r=gabor
2014-09-09 08:21:45 -07:00
Nicholas Nethercote
8c60d14a1a
Bug 1050009 - Initialize pldhash tables with a length, not a capacity. r=roc.
...
* * *
imported patch rm-dummy-params
--HG--
extra : rebase_source : c25987eb11bae197218d5fc53b77def19afa36ac
2014-08-06 06:31:21 -07:00
Bobby Holley
971ad29192
Bug 965898 - Implement an Xray subclass that we can use to implement HTML5 cross-origin semantics. r=gabor
2014-07-30 12:23:01 -07:00
Bobby Holley
f90f3f7319
Bug 965898 - Drop support for XPCWN XOWs. r=gabor
...
XOWs only allow access to Window and Location, both of which are on WebIDL now.
2014-07-30 12:23:01 -07:00
Bobby Holley
7db28dae27
Backed out 16 changesets (bug 965898) for rooting hazards. CLOSED TREE
...
Backed out changeset ac4abde3579f (bug 965898)
Backed out changeset c4c7ab1a2f70 (bug 965898)
Backed out changeset e0bf3598dfe1 (bug 965898)
Backed out changeset 8f2788a0ba24 (bug 965898)
Backed out changeset 0d1cda4decaa (bug 965898)
Backed out changeset 3d80ffc439fb (bug 965898)
Backed out changeset ad66ab36fe2d (bug 965898)
Backed out changeset dcf7ccf6eff2 (bug 965898)
Backed out changeset d3f02e80355d (bug 965898)
Backed out changeset 212f2d05d9e7 (bug 965898)
Backed out changeset c350a2c0aa6d (bug 965898)
Backed out changeset c75acd0663a9 (bug 965898)
Backed out changeset d68f7ef0ae69 (bug 965898)
Backed out changeset 610e6d6e1a88 (bug 965898)
Backed out changeset 54d40a30f6ad (bug 965898)
Backed out changeset 403a0e1d2324 (bug 965898)
2014-07-29 22:57:59 -07:00
Bobby Holley
605a17bbb6
Bug 965898 - Implement an Xray subclass that we can use to implement HTML5 cross-origin semantics. r=gabor
2014-07-29 21:35:30 -07:00
Bobby Holley
49b066f2d2
Bug 965898 - Drop support for XPCWN XOWs. r=gabor
...
XOWs only allow access to Window and Location, both of which are on WebIDL now.
2014-07-29 21:35:29 -07:00
Bobby Holley
81109a2b27
Bug 742444 - Only propagate waivers between same-origin compartments. r=gabor
2014-07-22 16:14:27 -07:00
Bobby Holley
bac5dd0535
Bug 742444 - Pass the old wrapper or value to the prewrap callback instead of its flags. r=gabor
...
We need this so that we can reason about the origin of the wrapper that
previously had a waiver and decide whether or not to extend it.
2014-07-22 16:14:27 -07:00
Bobby Holley
984a293d6d
Bug 1040181 - Use an opaque wrapper rather than failing in Rewrap. r=gabor
2014-07-20 10:03:58 -06:00
Bobby Holley
51cadd7069
Bug 1038844 - Implement a COW opt-out for automation. r=gabor,sr=mrbkap
2014-07-17 21:34:48 -07:00
Bill McCloskey
c28e537321
Bug 1017323 - Fix some non-unified build bustage
2014-07-14 22:49:09 -07:00
Bill McCloskey
8b9dfc45b5
Bug 1017323 - Add-on interposition (r=bholley)
2014-07-14 22:10:05 -07:00
Bobby Holley
a724996a80
Bug 856067 - Remove special case for content XBL scopes. r=gabor
...
This is now the default behavior. \o/
2014-07-14 10:09:07 -07:00
Bobby Holley
f53b8f6e56
Bug 856067 - Make unwaived non-Xrayable objects opaque from privileged code. r=gabor
2014-07-14 10:09:07 -07:00
Bobby Holley
65f180179d
Bug 1034262 - Honor the wantXrays of both sides of the membrane when computing same-origin wrappers. r=gabor
...
The basic problem in the testcase is that one compartment requests same-origin
Xrays via wantXrays=true (the default for Sandboxes) while the other does not.
The current code only considers the wantXrays flag of the compartment performing
the access, so we end up in a situation where we have same-origin compartments,
but Xray in one direction and Transparent in the other.
This is a problem for crossCompartmentFunction.apply(null, [arg]). If both
globals get transparent wrappers, there's obviously no problem. And if both
globals get XrayWrappers, then the |apply| happens on the XrayWrapper of the
function in the caller's compartment. So the Array is unpacked in the caller's
compartment, and again we have no problem.
But if the caller gets Transparent and the callee gets Xrays, then we end up
invoking |apply| from the callee's side, which then gets an XrayWrapper to the
array. This XrayWrapper may do surprising things, leading to the odd situation
in the testcase.
Same-origin Xrays are kind of broken anyway, but I don't think we'll ever be
able to get rid of them. So the most sensible thing to do is probably to honor
the flag (if set) from either compartment. This patch does that.
2014-07-10 10:04:30 -07:00
Bobby Holley
f99be51d16
Bug 1034239 - Replace GentlyOpaque with an "Xray-to-nothing" wrapper. r=gabor
...
I did this wrong before. Making this a SecurityWrapper means that the caller does
not subsumes the target, and that the target therefore needs to be protected
from the caller. But GentlyOpaque was supposed to be an analog of PermissiveXray
for use when no useful XrayTraits exist, so it should behave similarly.
If we make this a Filtering Security Wrapper, we get a bunch of assertions where we
expect CheckedUnwrap to succeed for a chrome-side wrapper. And we can't making it
a Filtering Non-Security Wrapper, because then the filtering policy isn't even
consulted (an optimization in jsproxy.cpp).
Really, we want all of the Xray machinery (like the ability to waive and to place
expandos), and we just don't want to resolve any properties. This patch does this.
2014-07-10 09:31:37 -07:00
Bobby Holley
86b1eef248
Bug 1034239 - Add Proxies to ForceCOWBehavior. r=gabor
2014-07-10 09:31:37 -07:00
Bobby Holley
82f8b28ac7
Bug 1032317 - Make CompartmentPrivate and XPCWrappedNativeScope accessors infallible. r=gabor
2014-07-03 09:40:52 -07:00
Eric Faust
4fcd931d23
Bug 1027402 - Part 2: Mark Proxy Handler instances as const. (r=bholley, r=bz over IRC)
2014-06-27 04:44:04 -07:00
Carsten "Tomcat" Book
ae32e4a7cc
Backed out changeset 346912776f97 (bug 1027402)
2014-06-27 14:21:22 +02:00
Eric Faust
9f81106775
Bug 1027402 - Part 2: Mark Proxy Handler instances as const. (r=bholley)
2014-06-27 04:44:04 -07:00
Bobby Holley
8c8ec10cee
Bug 976148 - Implement Xrays to Function objects. r=gabor
2014-06-19 09:57:06 -07:00
Terrence Cole
faf428504a
Bug 1017650 - Remove the unused |proto| arg from the wrapping machinery; r=efaust
2014-06-16 11:59:59 -07:00
Bobby Holley
fa376e8dca
Bug 1020609 - Implement Xrays to Arrays. r=bz
2014-06-11 15:16:07 -07:00
Bobby Holley
009fd1d137
Bug 987111 - Make JSProto_Object COWs take precedence over Xrays. r=gabor
2014-06-05 22:32:38 -07:00
Wes Kocher
a0fb5a53d9
Backed out 13 changesets (bug 987111) for disagreeing with some patch from b-i or fx-team in tonight's merge to hopefully fix a CLOSED TREE
...
Backed out changeset d4e390ceac27 (bug 987111)
Backed out changeset 5f88b5ef9496 (bug 987111)
Backed out changeset cdfd24ddf448 (bug 987111)
Backed out changeset 7883150e5471 (bug 987111)
Backed out changeset 407c7ca82ada (bug 987111)
Backed out changeset e7140ccf7e09 (bug 987111)
Backed out changeset 0a4d18d6306f (bug 987111)
Backed out changeset e7b7548867d9 (bug 987111)
Backed out changeset 944d128f135a (bug 987111)
Backed out changeset 33860f30fc4f (bug 987111)
Backed out changeset 518a915fb81b (bug 987111)
Backed out changeset 7576a51cf72e (bug 987111)
Backed out changeset 1a8dc1af9de6 (bug 987111)
2014-06-04 22:12:50 -07:00
Bobby Holley
677aad7fcf
Bug 987111 - Make JSProto_Object COWs take precedence over Xrays. r=gabor
2014-06-04 15:12:26 -07:00
Bill McCloskey
d765144f56
Bug 1017310 - Rename *XBLScope to *ContentXBLScope in xpconnect (r=bholley)
2014-06-02 18:04:21 -07:00
Birunthan Mohanathas
eaba6c5a37
Bug 866289 - Make mode lines consistent in js/xpconnect/ for 4 space indented files. r=Ms2ger
2014-04-03 07:58:00 -04:00
Bobby Holley
311ff27b73
Bug 958326 - Remove same-compartment security wrapper machinery. r=mrbkap
2014-03-26 10:59:20 -03:00
Bobby Holley
21fc488f1f
Bug 975042 - Basic Xray infrastructure and boilerplate. r=peterv
...
All of this machinery asserts if it actually get used. But it won't be used at
present, because we have an empty whitelist of JSProtoKeys.
2014-03-23 11:02:12 -03:00
Carsten "Tomcat" Book
bb48a49dd4
Backed out changeset 351371062c26 (bug 975042)
2014-03-21 08:47:48 +01:00
Bobby Holley
2b514f18c9
Bug 975042 - Basic Xray infrastructure and boilerplate. r=peterv
...
All of this machinery asserts if it actually get used. But it won't be used at
present, because we have an empty whitelist of JSProtoKeys.
2014-03-20 23:47:23 -03:00
Bobby Holley
8c3d899db2
Bug 825392 - Remove SOWs. r=bz
2014-03-19 13:35:45 -03:00
Bobby Holley
abb31827e1
Bug 976704 - Make opaque security wrappers non-callable. r=gabor,sr=mrbkap
2014-03-18 19:23:45 -03:00
Bobby Holley
992eba1b46
Bug 976151 - Anti eval/Function() check during wrapping should use |subsumes|. r=gabor
2014-02-25 08:38:33 -08:00
Bobby Holley
091ae7c290
Bug 975277 - Introduce a mechanism to identify instances of standard classes. r=luke
2014-02-21 16:03:11 -08:00
Bobby Holley
2ec68b243f
Bug 975277 - Clean up the XPCWN XrayHolder a bit. r=gabor
2014-02-21 15:55:31 -08:00