Bobby Holley
c209bdc9f6
Bug 995943 - Clean up some silly stuff surrounding prefs in CAPS. r=bz
2014-05-08 22:19:10 -07:00
Bobby Holley
648f667734
Bug 1001198 - Explicitly fire up the SSM from nsXPConnect. r=gabor
2014-05-06 23:17:43 -07:00
Bobby Holley
c50411e058
Bug 997987 - Cache the system principal on nsContentUtils and remove nsIScriptSecurityManager::SubjectPrincipalIsSystem. r=Ms2ger,sr=bz
2014-05-06 15:43:03 -07:00
Bobby Holley
be684ee7b4
Bug 997987 - Remove nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger
2014-05-06 15:43:03 -07:00
Bobby Holley
5c9d904093
Bug 997987 - Remove usage of nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger
2014-05-06 15:43:03 -07:00
Bobby Holley
0f2e4665cd
Bug 997987 - Remove nsIScriptSecurityManager::GetCxSubjectPrincipal. r=Ms2ger
2014-05-06 15:43:02 -07:00
Jon Coppeard
bed7fc43d9
Bug 959787 - Handlify remaining JS APIs r=terrence r=bz r=bholley
2014-04-30 10:10:33 +01:00
Birunthan Mohanathas
ff8ce9bd42
Bug 900908 - Part 3: Change uses of numbered macros in nsIClassInfoImpl.h/nsISupportsImpl.h to the variadic variants. r=froydnj
2014-04-27 03:06:00 -04:00
Arpad Borsos
e19fb46166
Bug 474369 - remove nsVoidArray includes; r=ehsan
...
--HG--
extra : rebase_source : dd3abeb623fd8b784fd6ba639c88def84a4daf58
2014-04-26 16:12:45 +02:00
Andrew McCreight
3c2c09c71b
Bug 998779 - Remove unused #includes of nsHashtable.h. r=froydnj
2014-04-21 09:41:58 -07:00
Bobby Holley
65765653a9
Bug 998083 - Introduce Cu.getObjectPrincipal and kill nsIScriptSecurityManager::GetObjectPrincipal. r=gabor
2014-04-19 10:39:59 -07:00
Bob Owen
759e2cffe1
Bug 986439 - Don't use nsNullPrincipalURI for referrer. r=bz
2014-03-29 19:10:27 +00:00
Neil Rashbrook
1373d6ff37
Bug 948901 FTP directory listings need to support the Character Encoding menu r=mayhemer,michal
2014-03-28 08:32:56 +00:00
Ehsan Akhgari
5b9f45a1a5
Bug 798158 - Part 1: Use a pointer-sized type to store refcounts internally; r=bsmedberg
2014-03-27 16:38:33 -04:00
Kyle Huey
7067fb5db1
Bug 345123: Remove nsGetterAddRefs<T>'s operator nsISupports**. r=bsmedberg
2014-03-15 12:00:17 -07:00
Bill McCloskey
aa5f40a77e
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 21:38:19 -07:00
Wes Kocher
a3277d291d
Backed out changeset 88425ad0f06a (bug 982828) for introducing various mochitest-5 failures on a CLOSED TREE
...
* * *
Backed out changeset 94f9ebdc6662 (bug 982828)
2014-03-13 19:41:21 -07:00
Bill McCloskey
f4f6bf8e4d
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 15:41:41 -07:00
Bill McCloskey
7193069fa0
Backed out changeset d6261f65070a
2014-03-13 15:52:27 -07:00
Bill McCloskey
69a746922b
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 15:41:41 -07:00
Vaibhav Agarwal
9a59a5c96d
Bug 971132 - B2G mochitests should use the new manifest format; r=jmaher
2014-03-06 13:42:43 -05:00
Luke Wagner
4c59cb92eb
Bug 976348 - Change DescribeScriptedCaller to not return a JSScript (r=bholley)
...
--HG--
extra : rebase_source : 58387ce3e4c49d3140b92b84bf3577fc6584820e
2014-02-25 09:43:14 -06:00
Bobby Holley
cdcd6fceee
Bug 956382 - Remove implementations of *IgnoringDomain variants. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
5d2a9f9315
Bug 956382 - Remove unused CAPS gunk. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
5843049c40
Bug 956382 - Hoist nsScriptSecurityManager::CheckSameOriginPrincipal into nsPrincipal::EqualsConsideringDomain. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
38d61639fb
Bug 956382 - Ignore document.domain by default. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
6771e71f15
Bug 956382 - Introduce an explicit API to do principal checks with document.domain. r=mrbkap
2014-02-13 18:57:34 -08:00
Bobby Holley
b73c1d8a7d
Bug 972478 - Docshell scriptability should only affect non-immune principals. r=bz
2014-02-13 15:40:50 -08:00
Sid Stamm
53b4c0d99c
Bug 911547 - make nsIContentSecurityPolicy serializable and trigger read/write from nsPrincipal. r=jst,grobinson
...
--HG--
extra : rebase_source : 3e1846e15538729f3c94f5c1470959b5d7b31f0f
2014-01-23 15:34:59 -08:00
Bobby Holley
8356b2d621
Bug 957688 - Remove nsIXPCSecurityManager::CanAccess and nsScriptSecurityManager::CheckPropertyAccessImpl. r=mrbkap
...
\o/
2014-01-24 16:08:26 -08:00
Bobby Holley
d2ed53a852
Bug 957688 - Remove nsIScriptSecurityManager::CheckPropertyAccess. r=mrbkap
2014-01-24 16:08:26 -08:00
Bobby Holley
844ed9971d
Bug 957688 - Remove checkObjectAccess security callback. r=mrbkap
...
There's no need for the JS shell stuff either, since vm/Runtime.cpp already
sets up NullSecurityCallbacks by default.
2014-01-24 16:08:25 -08:00
Terrence Cole
10295353cd
Bug 959787 - Handlify several JSAPI interfaces that can GC, Part 4; r=sfink,r=bz
...
--HG--
extra : rebase_source : 8e1ff566f47795cd82e3f4c0a6fa37b88e7847b4
2014-01-17 10:08:51 -08:00
Bobby Holley
8dd5c7b67e
Bug 794943 - Remove CheckXPCPermissions. r=mrbkap
2014-01-16 15:45:40 -08:00
Bobby Holley
7916a3dc96
Bug 794943 - Remove nsISecurityCheckedComponent interface. r=mrbkap
2014-01-16 15:45:40 -08:00
Bobby Holley
4eeb054e6e
Bug 794943 - Remove checks for nsISecurityCheckedComponent in caps. r=mrbkap
2014-01-16 15:45:40 -08:00
Tom Schuster
e64b35e141
Bug 939294 - Change xpidl jsval to handles. r=gabor,bz,khuey,bsmedberg,terrence
2014-01-09 18:39:36 +01:00
Garrett Robinson
3ceb749a52
Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap
2014-01-02 11:14:06 -08:00
Christian Legnitto
aeb2c9d4da
Bug 935377 - Firefox should fix common scheme typos, r=dolske
2014-01-12 12:02:27 -08:00
Ryan VanderMeulen
f427c884c8
Backed out 6 changesets (bug 939294) for B2G bustage on a CLOSED TREE.
...
Backed out changeset 8c3aa9973da0 (bug 939294)
Backed out changeset 37098c13e59e (bug 939294)
Backed out changeset 7c9ade6c871c (bug 939294)
Backed out changeset fed59539afc1 (bug 939294)
Backed out changeset 89e9d3fa16fc (bug 939294)
Backed out changeset c97e58ebc5f4 (bug 939294)
2014-01-09 14:17:39 -05:00
Tom Schuster
af21b5b94c
Bug 939294 - Handlify all the rest. r=terrence
2014-01-09 18:39:37 +01:00
Gabor Krizsanits
2d18c11e26
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
2014-01-09 15:28:46 +01:00
Carsten "Tomcat" Book
fc7c23e4aa
Backed out changeset 18eeafedd180 (bug 952192) XPC Shell Bustage on a CLOSED TREE
2014-01-09 12:53:22 +01:00
Gabor Krizsanits
db12b3ec81
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
2014-01-09 11:31:33 +01:00
Ehsan Akhgari
ebd358dfd7
Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc
...
This patch was automatically generated by the following script:
#!/bin/bash
# Command to convert PRUnichar to char16_t
function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
! -wholename "*security/nss*" \
! -wholename "*modules/libmar*" \
! -wholename "*/.hg*" \
! -wholename "obj-ff-dbg*" \
! -name prtypes.h \
! -name Char16.h \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.c" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert PRUnichar char16_t
2014-01-04 10:02:17 -05:00
Luke Wagner
7db5895601
Bug 924905 - Do a subsumes check inside the stack iterator. r=jandem
...
--HG--
extra : rebase_source : ff8407c4f79fd3e2264470379470c526a751e45f
2014-01-03 10:32:56 -06:00
Trevor Saunders
907dfc4528
bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj
2013-12-12 20:50:01 -05:00
Bobby Holley
913b0c0c51
Bug 913734 - Remove namespace mozilla::hotness. r=mrbkap
2013-12-13 19:15:44 -08:00
Bobby Holley
32bf54415f
Bug 913734 - Remove EnabledID() machinery. r=mrbkap
2013-12-13 19:15:44 -08:00
Bobby Holley
991513f6f4
Bug 913734 - Remove now-unused policy machinery. r=mrbkap
2013-12-13 19:15:43 -08:00
Bobby Holley
9610d07a33
Bug 913734 - Stop consulting domain policies in CAPS. r=mrbkap
...
The whole LookupPolicy juggernaut is basically a mechanism for setting custom
per-(protocol, origin, property, action) access control in the preferences
service.
There are two sets of preferences currently in all.js. One of them is set up
for mailnews, for the mailbox:, imap:, and news: protocols. According to jst,
this was designed as a whack-a-mole security mechanism for javascript running
in HTML email. IIUC, we no longer allow JS to run at all in mailnews, so this
is obsolete.
The other mechanism appears to be our old-fashioned implementation of the
same-origin policy, which has been obsoleted by the new compartment
architecture.
In addition, most of this stuff was obsoleted by the new dom bindings, since
these DOM classes no longer go through XPCWrappedNativeJSOps, and thus no
longer trigger these security checks at all.
We stop using the infrastructure in this patch, and rip it out in the next one.
2013-12-13 19:15:43 -08:00
Bobby Holley
6dba8699cf
Bug 913734 - Stop storing security policies on XPCWrappedNativeProtos. r=mrbkap
...
This is just a cache, so we can safely remove it without impacting correctness.
The rest of this mechanism goes away in subsequent patches.
2013-12-13 19:15:43 -08:00
Birunthan Mohanathas
759ab69b0a
Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo
...
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
2013-12-08 21:52:54 -05:00
Bobby Holley
acb9e755bd
Bug 932906 - Exempt Remote XUL from CanCreateWrapper checks. r=bz
2013-12-04 19:15:40 -08:00
Joshua Cranmer
1547e555fb
Bug 884676 - Convert JSPrincipals::refcount to Atomic<int32_t> in JS_THREADSAFE builds, and remove JS_ATOMIC_*. r=Waldo
2013-11-27 09:37:10 -06:00
Deian Stefan
a022cb82af
Bug 886164 - Enforce CSP in sandboxed iframe, r=grobinson
2013-11-22 15:12:00 -08:00
Michael Shuen
213cdc560a
Bug 941332 - Build caps/src in unified mode. r=ehsan
2013-11-21 09:22:26 -05:00
Mike Hommey
a65383e1e9
Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps
...
Landing on a CLOSED TREE.
2013-11-19 11:50:54 +09:00
Mike Hommey
8ceb917350
Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps
2013-11-19 11:48:10 +09:00
Mike Hommey
9fe772e7fd
Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal
2013-11-19 11:47:43 +09:00
Mike Hommey
bb6779efe3
Bug 939044 - Remove most definitions of MODULE. r=mshal
2013-11-19 11:47:39 +09:00
Mike Hommey
d7b6f95761
Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps
2013-11-19 11:47:14 +09:00
Tom Schuster
f311064c6e
Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz
2013-11-16 13:31:36 +01:00
Ms2ger
6b38d3ca3d
Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage.
2013-11-17 16:39:25 +01:00
Tom Schuster
dd485f9336
Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz
2013-11-16 13:31:36 +01:00
Bobby Holley
d75a37769c
Bug 840488 - Tests. r=bz
2013-11-12 16:43:35 -08:00
Bobby Holley
f298af1bab
Bug 840488 - New domain policy API. r=bz
...
Note that this patch changes the semantics of javascript.enabled so that changes
to the pref do not apply to compartments that have already been created. This is
a significant change, but is necessary to support the new domain policy API.
After one cycle or so, we'll rip out the old API.
2013-11-12 16:43:35 -08:00
Bobby Holley
a80315ff5c
Bug 840488 - Compute immunity from caps checks exactly once, and kill nsScriptSecurityManager::CanExecuteScripts. r=bz
2013-11-12 16:43:35 -08:00
Bobby Holley
15add0796f
Bug 840488 - Remove per-JSContext script toggling. r=bz
...
Note that the checks in nsJSEnvironment::EvaluateString and EvalInWindow
can safely go away, because we call ssm->ScriptAllowed() in
nsJSUtils::EvaluateString.
2013-11-12 16:43:35 -08:00
Bobby Holley
70289cf621
Bug 840488 - Directly mark compartments whose docshells disable script execution. r=bz
2013-11-12 16:43:33 -08:00
Bobby Holley
2c448611f5
Bug 840488 - Introduce a mechanism to temporarily or permanently block script for a given scope, and use it for unsafe channels. r=bz
2013-11-12 16:43:33 -08:00
Bobby Holley
12a1ebfea9
Bug 840488 - Remove CheckFunctionAccess. r=bz
...
\o/
Aside from checking whether script is enabled, all the other work this function
does is silly.
2013-11-12 16:43:32 -08:00
Bobby Holley
48cf35f628
Bug 840488 - Get rid of aAllowIfNoScriptContext. r=bz
...
The old code seemed to feel that the lack of a script context was some sort of
showdown that required either unconditional allow or deny. Instead, let's just
make the scriptcontext-relevant checks conditional on there being a script
context, which lets us switch CheckFunctionAccess over to ScriptAllowed.
2013-11-12 16:43:32 -08:00
Bobby Holley
6c0f7db3c4
Bug 840488 - Refactor Gecko to provide a more direct API to ask whether script is allowed for a given global. r=bz
2013-11-12 16:43:31 -08:00
Garrett Robinson
fcd3642ac2
Bug 855326 - CSP 1.1 nonce-source for scripts and styles r=mrbkap r=dholbert r=geekboy
2013-11-08 15:44:39 -08:00
Daniel Holbert
a943af2236
backout 57213b64023b (bug 855326) for build bustage in debug builds
...
CLOSED TREE
2013-11-08 11:22:36 -08:00
Garrett Robinson
99a316d224
Bug 855326 - CSP 1.1 nonce-source for scripts and styles. r=mrbkap r=dholbert r=geekboy
2013-11-08 09:20:43 -08:00
Nicholas Nethercote
ba1e9bce90
Bug 925584 - Remove some unnecessary jsapi.h inclusions from .cpp files. r=Ms2ger.
...
--HG--
extra : rebase_source : 41fcb0e922a519ef679c1c1b6293c2b638e83a48
2013-10-10 15:22:35 -07:00
Mike Hommey
1d566f7586
Bug 929905 - Consolidate sources in moz.build. r=gps
2013-10-25 08:23:05 +09:00
Carsten "Tomcat" Book
a502a5c19a
merge b2g-inbound to mozilla-central
2013-10-09 10:13:52 +02:00
Karl Tomlinson
75f5a8dca9
b=923591 don't warn when checkLoadURIStrWithPrincipal() returns NS_ERROR_DOM_BAD_URI r=bz
...
--HG--
extra : transplant_source : J%09t%A3Z%B4%8C%B9%99%E0O%CE3%7Ex%93vu%9BA
2013-10-09 15:32:38 +13:00
Fabrice Desré
94d42490f8
Bug 918658 - Don't pretend that mozIApplication inherits from mozIDOMApplication r=bent
2013-10-08 15:52:26 -07:00
Christoph Kerschbaumer
270e0b71c2
Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc
2013-08-19 12:31:24 -07:00
Trevor Saunders
e8f7d269ed
bug 920754 - rm more makefiles r=mshal
2013-09-25 16:39:06 -04:00
Gregory Szorc
e53ac5e38d
Bug 920223 - Part 1: Mass convert MOCHITEST_FILES to manifests; rs=Ms2ger
2013-09-30 09:51:57 +02:00
Ed Morley
d84dee3273
Backed out changeset 77bff106b704 (bug 920223)
2013-09-30 12:50:12 +01:00
Gregory Szorc
cabc6369a6
Bug 920223 - Part 1: Mass convert MOCHITEST_FILES to manifests; rs=Ms2ger
2013-09-30 09:51:57 +02:00
Ehsan Akhgari
58e5fbc2a4
Backed out changeset a73ffb0d0c97 because of build bustage
2013-09-29 17:20:07 -04:00
Ehsan Akhgari
d9a4b7effd
Remove a number of unused variables, no bug
2013-09-29 16:42:12 -04:00
Carsten "Tomcat" Book
edb6c8fc0b
Backed out changeset 0cc959e28407 (bug 897516) failed XPC Shell tests CLOSED TREE
2013-09-27 15:45:31 +02:00
Christoph Kerschbaumer
a7fb0134c3
Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc
2013-08-19 12:31:24 -07:00
Ryan VanderMeulen
8af6d7e0b2
Backout bug 886164 for B2G regressions.
2013-09-23 21:26:05 -04:00
Jon Coppeard
8c99b0611f
Bug 918373 - GC: Handlify various public APIs r=sfink r=bholley r=smaug
2013-09-20 10:22:59 +01:00
Deian Stefan
ae78755bb7
Bug 886164 - Enforce CSP in sandboxed iframe. r=grobinson
2013-06-23 14:31:52 -07:00
Bobby Holley
103b4d8a51
Bug 917009 - Remove old-style object principal calculation. r=bz
2013-09-17 15:29:11 -07:00
Terrence Cole
244d5541e4
Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley
...
--HG--
extra : rebase_source : 27bf6ef6bce3bed136921df15ea00ae86bd73f89
2013-08-23 08:51:40 -07:00
Cykesiopka
a8ab644dfb
Bug 909107 - Replace use of (obsolete) strres.js in test_bug292789.html. r=dveditz
2013-09-12 10:47:55 -04:00
Ryan VanderMeulen
30168b484b
Merge fx-team to m-c.
2013-09-11 21:48:20 -04:00
Martijn Wargers
a570d547c2
Bug 914940 - Remove some enablePrivilige calls. r=jgriffin
2013-09-11 10:51:09 +02:00
Dan Gohman
8b7074b6dc
Bug 910823 - Constify static js::Class/JSClass instances. r=waldo
2013-09-11 05:49:05 -07:00