24 Commits

Author	SHA1	Message	Date
Boris Zbarsky	8366800628	Bug 593026. Make it possible to get the system principal from script. r=jst a=jst	2010-09-07 15:10:41 -04:00
Luke Wagner	99411cc93d	Bug 549143 - fatvals	2010-07-14 23:19:36 -07:00
Robert Sayre	13c247559e	Merge mozilla-central to tracemonkey	2010-05-17 13:55:37 -04:00
Jason Orendorff	5aa27b84c9	Bug 560643 - Add a special jsval type to XPIDL. Part 1, rename JSVal -> jsval in existing IDL. r+sr=jst. ... --HG-- extra : rebase_source : 3d50f7468277883a26790df13a639ce37757a257	2010-05-12 08:18:51 -05:00
Michael Kohler	9397418412	Bug 506041 Part 2: Correct misspellings in source code ... r=timeless	2010-05-13 14:19:50 +02:00
Jonas Sicking	6f2368d0b0	Bug 543696: Remove unused nsIScriptSecurityManager::CheckConnect. r/sr=mrbkap	2010-02-02 02:29:15 -08:00
Sid Stamm	f2278605c1	Bug 515437 CSP connection code, r=jst,dveditz sr=jst	2010-01-22 13:38:21 -08:00
Daniel Veditz	0e538279e0	Backed out changeset a6ce37b09cf5 because of possible Tp4 perf hit	2010-01-14 17:19:11 -08:00
Sid Stamm ext:(%2C%20Brandon%20Sterne%20%3Cbsterne%40mozilla.com%3E)	56ceec2c4c	bug 515433, bug 515437: Content Security Policy (CSP) core	2010-01-13 14:18:24 -08:00
Blake Kaplan	79a79a0e55	Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz	2009-08-21 18:20:20 -07:00
Johnny Stenback	a511964116	Fixing bug 442399. Remove LiveConnect from the tree. r=joshmoz@gmail.com, bclary@bclary.com, sr=brendan@mozilla.org	2009-06-30 15:55:16 -07:00
Blake Kaplan	5adf556d30	Bug 396851 - Check to see if we're UniversalXPConnect-enabled to allow privileged web pages to unwrap XOWs. r+sr=bzbarsky	2008-10-22 13:15:22 -07:00
jonas@sicking.cc	2558cdb12f	Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it	2008-04-18 10:35:55 -07:00
jonas@sicking.cc	9b874a6992	Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz	2008-04-08 17:38:12 -07:00
jonas@sicking.cc	21fb00611b	Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz	2008-03-18 17:27:56 -07:00
bzbarsky@mit.edu	5383803699	Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst	2008-03-18 14:14:49 -07:00
reed@reedloden.com	ccc33c98c5	Bug 420081 - "Case mismatch between nsIURI and nsIUri in nsIPrincipal.idl" [p=mschroeder@mozilla.x-home.org (Martin Schröder [mschroeder]) r+sr=jst a1.9=beltzner]	2008-03-08 03:20:21 -08:00
jonas@sicking.cc	65f4571f58	Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv	2008-02-26 19:45:29 -08:00
myk@mozilla.org	b5e898ddd7	backing out fix for bug 416534 as potential cause of mochitest failure	2008-02-26 19:23:36 -08:00
jonas@sicking.cc	84548acb75	Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv	2008-02-26 18:17:49 -08:00
jst@mozilla.org	41ea116da8	Fixing bug 410851. Expose a faster way of getting the subject principal, and use that from performance critical code. r+sr=mrbkap@gmail.com	2008-01-04 15:59:12 -08:00
jonas@sicking.cc	903acf3ee6	bug 394390: Don't report bogus warnings to the error console when using cross-site xmlhttprequest. Patch by Surya Ismail <suryaismail@gmail.com>, r/sr=sicking	2007-10-26 18:46:09 -07:00
bzbarsky@mit.edu	5eafaa49e5	Make security manager API more useful from script. Make more things ... scriptable, and add a scriptable method for testing whether a given principal is the system principal. Bug 383783, r=dveditz, sr=jst	2007-06-18 08:12:09 -07:00
hg@mozilla.com	465265d0d4	Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT,	2007-03-22 10:30:00 -07:00