Commit Graph

349 Commits

Author SHA1 Message Date
Blake Kaplan
fbea73993b Fix bug 657267. r=bz 2011-05-19 13:31:54 +02:00
Chris Leary
a7253cc393 Bug 654301: Better interned string API, take 2. (r=Waldo) 2011-05-17 12:15:12 -07:00
Josh Aas
f6eb4c8df6 Bug 637253: Remove nsIPluginInstance interface. r=bsmedberg 2011-05-17 21:48:34 -04:00
Jason Orendorff
953a8d71f6 Bug 645160 - jsdIStackFrame is incorrectly truncated at indirect eval calls. r=mrbkap. 2011-05-11 11:11:40 -05:00
Chris Leary
089bf2c468 Back out bug 654301 to run again on try. 2011-05-16 19:03:20 -07:00
Chris Leary
338cf025af Bug 654301: Better interned string API. (r=Waldo) 2011-05-16 18:18:59 -07:00
Justin Lebar
7e2c5ae50d Bug 592557 - Eliminate uses of PR_Atomic{Increment,Decrement} functions in favor of PR_ATOMIC_{INCREMENT,DECREMENT} macros. r=bsmedberg,gal
--HG--
extra : rebase_source : 71069eb9c9d61131adee49279e136c8574dabc62
2011-03-28 15:58:49 -04:00
timeless@mozdev.org
06642688cd Bug 584977 mark deprecated caps interfaces and methods with [deprecated]
r=dveditz
2011-03-27 23:59:17 -04:00
Mike Shaver
85c4348adc Backed out changeset 4d86e63ff60d, diagnostic patch; back out 3da12edf735e, followup fix; back out bug 631135 completely, unexplained intermittent orange. r=waldo, a=orange 2011-02-19 20:46:44 -08:00
Jeff Walden
414ac259f6 Bug 631135 - Objects created by or on behalf of fast natives and property ops (getters or setters) are parented to the wrong proto and global. r=lw,jst,mrbkap,bz, a=jst
--HG--
extra : rebase_source : a2f6a11ac3bcc7925cbf122057b694a0aafac970
2011-02-08 17:20:06 -08:00
Brandon Sterne
87a8f25476 Bug 600584 - add more detail to CSP violation report logging, r=jst, a=LegNeato 2011-01-31 10:09:44 -08:00
Blake Kaplan
559d15d683 Fix bug 614151. r=jst@mozilla.com, a=blocker 2010-12-28 11:21:30 -08:00
Chris Leary
1d3c0638b7 Merge mozilla-central into tracemonkey. 2011-01-04 10:51:14 -08:00
Chris Jones
252f135477 Bug 616412: Fix use-before-init bug. r=mrbkap a=a 2011-01-04 10:40:54 -06:00
Chris Leary
272d457a20 Merge mozilla-central to tracemonkey. 2010-12-29 19:25:04 -05:00
Boris Zbarsky
63efadb944 Bug 549459. Don't show information about the object principal in the error string. r=mrbkap a=blocker 2010-12-22 19:55:42 -05:00
Asaf Romano
b749359752 Bug 619800 - Enable scriptability for nsIPrincipal methods. r+sr+a=bz. 2010-12-22 15:58:22 +02:00
Luke Wagner
2fc61cf52e Bug 609440, part 3 - remove fallible public APIs, update mozilla (r=bent,jst,mrbkap,waldo,sdwilsh) 2010-12-03 00:24:17 -08:00
Peter Van der Beken
e7ca1a1d57 Fix for bug 590612 (Speed up js-wrapping in classinfo when we already have a wrapper). r=bz, a=jst. 2010-08-28 10:04:25 +02:00
Benjamin Smedberg
9f732f3d00 Remove browser_bug571289.js as a followup to bug 610381 and bug 608142. The test is meaningless because the condition is not allowed to happen. r=gal a=orange 2010-11-17 18:16:18 -05:00
Igor Bukanov
52ea348c4c bug 610198 - Replacing JS_GetStringBytes usage with JS_EncodeString. r=gal 2010-11-11 21:40:29 +01:00
David Anderson
7487c14d37 Backed out changeset 8e119f847f97 (build busted) 2010-11-11 11:19:42 -08:00
Igor Bukanov
e32ba97023 bug 610198 - Replacing JS_GetStringBytes usage with JS_EncodeString. r=gal 2010-11-02 15:36:25 +01:00
Kyle Huey
9b468f97d9 Bug 604940: Add various things to GARBAGE. r=Mitch a=NPOTB 2010-10-19 17:19:37 -04:00
Peter Van der Beken
3dae0dceb9 Bug 580128 - Always wrap Location objects in wrappers, even for same origin. r=mrbkap/gal 2010-09-29 10:00:52 -07:00
Blake Kaplan
11e65685b7 bug 580128 - Avoid using the parent chain of proxies for anything because it's often wrong. r=jst 2010-09-24 18:00:58 -07:00
Blake Kaplan
365ba05975 Bug 580128 - Make the system principal consistent over the strings it gives out. r=peterv 2010-09-17 14:54:40 -07:00
Justin Lebar
b72054ea9c Bug 571289 - Don't use nsScriptSecurityManager off the main thread. r=mrbkap, a2.0=blocking
--HG--
extra : rebase_source : 2d945cee865472804ed3aff78af237a60f5a19d4
2010-09-17 14:44:53 -07:00
Robert Sayre
59773ae503 Merge mozilla-central to tracemonkey. 2010-09-10 11:47:11 -04:00
Luke Wagner
5e9978f911 Bug 581263 - remove slow natives (r=waldo,mrbkap) 2010-08-16 12:35:04 -07:00
Michael Wu
2abb47c1f1 Bug 556644 - 4. Fix tests, r=bsmedberg a=blocking2.0
--HG--
rename : caps/tests/mochitest/test_bug292789.html => caps/tests/mochitest/test_bug292789.html.in
2010-08-10 15:18:40 -07:00
Boris Zbarsky
8366800628 Bug 593026. Make it possible to get the system principal from script. r=jst a=jst 2010-09-07 15:10:41 -04:00
Bjarne
100caa546d Bug 546606 - Make redirect API async - part 2; r=honzab.moz,cbiesinger,bjarne,jst sr=jst 2010-08-04 22:15:55 -04:00
Igor Bukanov
2019c722fb bug 571789 - merging JSObjectOps and JSExtendedClass into JSClass. r=jorendorff 2010-06-12 18:29:04 +02:00
Igor Bukanov
181c2cdf3a Backed out changeset 7b2b90efe57d -- the patch was landed against a tree with a lot of orange. This will hinder the orange resolution. 2010-07-28 14:36:06 +02:00
Igor Bukanov
a69fd0a49f bug 571789 - merging JSObjectOps and JSExtendedClass into JSClass. r=jorendorff 2010-06-12 18:29:04 +02:00
Luke Wagner
99411cc93d Bug 549143 - fatvals 2010-07-14 23:19:36 -07:00
Saint Wesonga
e7a357dcaf Bug 562387 - Convert NS_NEWXPCOM/NS_DELETEXPCOM to new/delete. r=bsmedberg 2010-07-05 11:42:18 +02:00
Dão Gottwald
9b15b69a1b Backed out changeset 59ace8d80ce8 2010-07-04 22:01:13 +02:00
Saint Wesonga
8dd5da1024 Bug 562387 - Convert NS_NEWXPCOM/NS_DELETEXPCOM to new/delete. r=bsmedberg 2010-07-04 21:39:17 +02:00
Benjamin Smedberg
a2833452f8 Merge mozilla-central to the bug 568691 branch.
--HG--
rename : gfx/public/nsITheme.h => gfx/src/nsITheme.h
2010-06-30 14:23:23 -04:00
Benjamin Smedberg
202aa47626 Bug 568691 - Add CID data back to classinfo because it's required for fastload to work correctly. 2010-06-22 12:59:57 -04:00
Benjamin Smedberg
f13550a209 Bug 568691 part B - mechanical changes to in-tree binary modules needed to get them building and registering correctly. After this patch, xpcshell appears to work. 2010-06-10 14:11:40 -04:00
Ehsan Akhgari
1c4e5eae5f Bug 519928 - IFRAME inside designMode disables JavaScript, breaking current clickjacking defenses; r=Olli.Pettay
--HG--
extra : rebase_source : 7d01d90f59e60b63e64b96bb655937fe0d0c879a
2010-06-04 17:03:50 -04:00
Dão Gottwald
b314909c2e Backed out changeset db6f8068e9a5 2010-06-29 17:49:21 +02:00
Saint Wesonga
c3669d7e9c Bug 562387 - Convert NS_NEWXPCOM/NS_DELETEXPCOM to new/delete. r=bsmedgerg 2010-06-29 17:14:36 +02:00
Ehsan Akhgari
fb10e0a996 Backed out changeset d1cbe16de6bf to fix oranges 2010-06-28 15:29:30 -04:00
Ehsan Akhgari
4ba6d6114b Bug 519928 - IFRAME inside designMode disables JavaScript, breaking current clickjacking defenses; r=Olli.Pettay 2010-06-04 17:03:50 -04:00
Dan Witte
1ac90420f6 Bug 564048 - Nix security checks in nsPrefBranch. r=sicking, sr=jst 2010-06-08 16:43:54 -07:00
Robert Sayre
def349ad75 Merge mozilla-central to tracemonkey. 2010-05-24 09:05:39 -07:00
Robert Sayre
13c247559e Merge mozilla-central to tracemonkey 2010-05-17 13:55:37 -04:00
Olli Pettay
078f01ee1d Bug 549682 - Port the message-manager API to mozilla-central, r=jst 2010-05-18 15:28:37 +03:00
Olli Pettay
ebdab93b4c Backout Bug 549682 2010-05-18 13:10:47 +03:00
Olli Pettay
af68dc73cd Bug 549682 - Port the message-manager API to mozilla-central, r=jst
--HG--
extra : rebase_source : 45b28a7762428193873a636fa7d5108607f9e4a3
2010-05-18 11:52:24 +03:00
Jason Orendorff
5aa27b84c9 Bug 560643 - Add a special jsval type to XPIDL. Part 1, rename JSVal -> jsval in existing IDL. r+sr=jst.
--HG--
extra : rebase_source : 3d50f7468277883a26790df13a639ce37757a257
2010-05-12 08:18:51 -05:00
Taras Glek
b1eaf1cf2d Bug 516085 - replace the most frequent IOService getter with an efficient one r=biesi 2010-04-12 08:44:28 -07:00
Mitchell Field
6ad77bd6db Bug 564950 - Make more use of mozilla::services, r=surkov, jst, neil, smontagu, roc, joshmoz, gavin, shaver 2010-05-14 18:24:41 +09:00
Michael Kohler
9397418412 Bug 506041 Part 2: Correct misspellings in source code
r=timeless
2010-05-13 14:19:50 +02:00
Peter Van der Beken
3fcb7546e7 Fix for bug 560199 (Link XPConnect and caps into layout). r=jst.
--HG--
extra : rebase_source : 5141822e9d560019ffc1e0cb0264782aa8aa7a99
2010-04-11 15:55:24 +02:00
Robert Sayre
5cf27a725e Merge tracemonkey to mozilla-central. 2010-03-26 15:53:14 -07:00
Igor Bukanov
9d1cbd468c bug 549010 - folowup to replace PROTO access macros with the inlne function 2010-03-04 23:52:52 -08:00
Jonas Sicking
6f2368d0b0 Bug 543696: Remove unused nsIScriptSecurityManager::CheckConnect. r/sr=mrbkap 2010-02-02 02:29:15 -08:00
Blake Kaplan
e1be12ca36 Bug 371694 - Protect ourselves against null values. r=dveditz 2010-03-22 15:50:04 -07:00
Ben Newman
0c4845ffec Bug 553448 - nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction should return JS_TRUE when no subjectPrincipal exists. r=mrbkap sr=dveditz
--HG--
extra : rebase_source : c47d6d55063c115921ee89114c4439444883c37d
2010-03-18 17:27:39 -07:00
timeless@mozdev.org
b1ec69e61c Bug 504423 ReadAnnotationEntry leaks key if nsCStringKey sets rv to failure
r=dveditz

--HG--
extra : rebase_source : 07b5d1d19d7533f1a620ab8a83f19b20f33ec6fc
2010-03-12 07:50:11 +01:00
Sid Stamm
47a3291b46 bug 515443 CSP no-eval support. r=mrbkap,brendan 2010-03-08 00:24:50 -08:00
Makoto Kato
ab84067b16 Bug 346010 - Decom nsIJAR by merging it into nsIZipReader. r=tglek, sr=bsmedberg 2010-03-07 22:56:45 +09:00
Jonas Sicking
aeb9ba77c3 Bug 543870: Implement File.url. r=bz sr=jst 2010-03-02 23:51:09 -08:00
Sid Stamm
f2278605c1 Bug 515437 CSP connection code, r=jst,dveditz sr=jst 2010-01-22 13:38:21 -08:00
Daniel Veditz
0e538279e0 Backed out changeset a6ce37b09cf5 because of possible Tp4 perf hit 2010-01-14 17:19:11 -08:00
Sid Stamm ext:(%2C%20Brandon%20Sterne%20%3Cbsterne%40mozilla.com%3E)
56ceec2c4c bug 515433, bug 515437: Content Security Policy (CSP) core 2010-01-13 14:18:24 -08:00
Peter Van der Beken
0398910587 Fix for bug 517196 (The JSClass of wrappers shouldn't change when morphing from slim to XPCWrappedNative). r=mrbkap.
--HG--
extra : rebase_source : 4f7978e3ed1335fc4f58478afc038fb63576581b
2009-09-18 12:43:48 +02:00
Taras Glek
45c73c60d8 Bug 515777 - move css files, hiddenWindow.html to jar r=bsmedberg sr=bz
--HG--
extra : rebase_source : c6ba6e900ceed210620d47f70c9b962a808a29fe
2009-10-12 12:31:50 -07:00
Taras Glek
6da4861bfc bug 521191: backed out e22bef491d84 2009-10-08 16:44:44 -07:00
Taras Glek
c7f069ab70 Backed out changeset e22bef491d84 2009-10-08 16:43:55 -07:00
Peter Van der Beken
a966d60c00 Backed out changeset 542fa9413bd0, fix for bug 517196 (The JSClass of wrappers shouldn't change when morphing from slim to XPCWrappedNative), to try to fix orange. 2009-10-08 13:42:07 -07:00
Peter Van der Beken
886612c189 Backed out changeset 542fa9413bd0, fix for bug 517196 (The JSClass of wrappers shouldn't change when morphing from slim to XPCWrappedNative), to try to fix orange. 2009-10-08 13:41:44 -07:00
Taras Glek
4c56f842c8 Bug 515777 - move css files, hiddenWindow.html to jar r=bsmedberg sr=bz 2009-10-08 11:22:50 -07:00
Peter Van der Beken
e2e773f880 Fix for bug 517196 (The JSClass of wrappers shouldn't change when morphing from slim to XPCWrappedNative). r=mrbkap.
--HG--
extra : rebase_source : 95898b5ab53d60200058374c52cdb8161aabf78b
2009-09-18 12:43:48 +02:00
Blake Kaplan
79a79a0e55 Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz 2009-08-21 18:20:20 -07:00
Igor Bukanov
6bfe4771cc bug 513190 - avoiding jsint tagging of the private slot data. r=jorendorff 2009-09-05 19:59:11 +04:00
Benjamin Smedberg
2e9438fd2f Followup to bug 398573 - remove REQUIRES from the tree since it is no longer used... automatically generated patch, rs=ted 2009-08-25 08:59:31 -07:00
Taras Glek
17420ddd67 Bug 468011 - Combine all chrome into browser+toolkit jars. r=bsmedberg 2009-08-14 09:32:40 -07:00
Blake Kaplan
3f98edd6fe Bug 502959 - Restore code to make caps allow wrapping same-origin wrappedjs objects. r=jst sr=bzbarsky 2009-08-06 20:26:33 -07:00
Boris Zbarsky
1486bf6f66 Bug 495176. Improve security error reporting when document.domain is involved. r=jst,pike sr=jst 2009-07-26 21:27:33 -04:00
David Zbarsky
aca9dc4bae Bug 392526. Some callers of nsID::ToString use a mismatched allocator to free the string. r=bsmedberg 2009-07-29 13:54:44 -04:00
Boris Zbarsky
b63722a57d Backed out changeset b55e7e3c0bfb to see whether bug 495176 might be causing the WinXP Txul regression
--HG--
extra : rebase_source : c854c6a8afad67c583ff08e23bbac27cbf99c0cd
2009-07-28 14:34:01 -04:00
Boris Zbarsky
0dc99e9f40 Backed out changeset 9d5e247b5052 to see whether bug 495176 might be causing
the WinXP Txul regression.

--HG--
extra : rebase_source : 41a0fe73ec43dff97ada391db29dc121fb677403
2009-07-28 14:32:45 -04:00
Boris Zbarsky
a920f6147b Fixing crashes during tests by null-checking the principal URI as appropriate. Bug 495176 2009-07-26 23:21:01 -04:00
Boris Zbarsky
13672ba2e1 Bug 495176. Improve security error reporting when document.domain is involved. r=jst,pike sr=jst 2009-07-26 21:27:33 -04:00
Peter Van der Beken
ca8ccf47e0 Fix for bug 482788 (Lightweight DOM wrappers). r=jst, sr=mrbkap. 2009-05-12 22:20:42 +02:00
Johnny Stenback
a511964116 Fixing bug 442399. Remove LiveConnect from the tree. r=joshmoz@gmail.com, bclary@bclary.com, sr=brendan@mozilla.org 2009-06-30 15:55:16 -07:00
Arpad Borsos
497b2e227d Back out b8e531a6c961 (Bug 474369), it really did cause the windows dhtml regression
--HG--
extra : rebase_source : 568114bcfc5a7710d9e2c2fe5e234fa190bebba1
2009-06-16 14:38:51 +02:00
Olli Pettay
cc228b8e8a Bug 489561 - nsPrincipal should cache nsIPrefBranch and codebase_principal_support pref, r+sr=dveditz, +comments from bz 2009-06-16 14:00:06 +03:00
Arpad Borsos
ef105af6ce Bug 474369 - get rid of nsVoidArray, remaining parts; r=bz, sr=dbaron 2009-05-07 17:15:26 +02:00
Phil Ringnalda
737a6446f9 Bug 495021 - CAPS unconditionally builds tests, r=shaver 2009-06-13 11:53:38 -07:00
Blake Kaplan
0e65edf009 Bug 441714 - Protect caps against SJOWs. r+sr=dveditz 2009-06-12 14:38:05 -07:00
Arpad Borsos
cd1887abfd Back out bug 474369, suspected of causing dhtml and tp3 regression 2009-06-12 23:20:55 +02:00
Arpad Borsos
3773b464cf Bug 474369 - get rid of nsVoidArray, remaining parts; r=bz, sr=dbaron
--HG--
extra : rebase_source : 2f40cba97555521222512c7cd793c2a2adcca333
2009-05-07 17:15:26 +02:00
Boris Zbarsky
74f23ff279 Bug 493495 followup. Just cut off the recursion if it gets too deep. r+sr=mrbkap 2009-05-21 15:46:05 -04:00
Boris Zbarsky
9159839164 Bug 493495. Protect against recursive attempts to report a security exception in cases when the URI objects involved can't be accessed due to being implemented as a JS component. r+sr=mrbkap 2009-05-20 21:49:42 -04:00
Boris Zbarsky
f45f0ba98e Bug 410486. Fix test failures due to the exception message getting truncated. 2009-05-20 00:57:37 -04:00
timeless@mozdev.org
eb1e7164ee Bug 410486. Make sure to be in a request when reporting a pending exception. r=dveditz, sr=mrbkap. 2009-05-19 22:11:01 -04:00
Dave Townsend
99034adf24 Backed out changeset 461d728271d1 2009-05-19 13:51:18 +01:00
Arpad Borsos
584155ddb7 Bug 474369 - get rid of nsVoidArray, remaining parts; r=bz, sr=dbaron 2009-05-07 17:15:26 +02:00
Blake Kaplan
4f88c00c6c Bug 493074 - Compute fewer things to try to clear up a performance regression. r+sr=jst 2009-05-14 15:17:56 -07:00
Blake Kaplan
3bab9bf56c Bug 483672 - Give regular JS objects that have been reflected into C++ a security policy that follows the same-origin model. Also teach caps about "same origin" for these cases. r=jst sr=bzbarsky 2009-05-13 15:01:01 -07:00
L. David Baron
8c38aba811 Switch HTML mochitests from using MochiKit.js to packed.js. (Bug 490955) r=sayrer 2009-05-06 13:46:04 -07:00
Blake Kaplan
54734b9d0b Bug 475864 - Move native anonymous content checks into a wrapper so that quickstubs don't sidestep them. r=jst sr=bzbarsky 2009-04-23 00:21:22 -07:00
Mook
9ad88404f5 Bug 472032 - [win64] sizeof(long) != sizeof(void*) assertion in nsScriptSecurityManager.cpp; changed SecurityLevel to use PRWord, clarified assertion on the protected code; r+sr=dveditz 2009-02-26 18:31:17 +01:00
Dan Mosedale
56f33790dd Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky 2009-02-17 20:32:57 -08:00
Daniel Holbert
2a7d88e05a Bug 473236 - Remove executable bit from files that don't need it. (Only changes file mode -- no code changes.) r=bsmedberg 2009-01-21 22:55:08 -08:00
timeless@mozdev.org
caf7b1d646 Bug 412743 nsScriptSecurityManager::Init shouldn't treat failure of InitPrefs as fatal
r=mrbkap sr=dveditz
2009-01-07 20:42:15 -08:00
timeless@mozdev.org
9d1932e7d2 Bug 470804 crash [@ NS_GetInnermostURI - nsScriptSecurityManager::CheckLoadURIWithPrincipal], r=bz, sr=dveditz 2009-01-01 15:45:23 -08:00
Phil Ringnalda
dd512bcb35 Crashtest for Bug 470804 crash [@ NS_GetInnermostURI - nsScriptSecurityManager::CheckLoadURIWithPrincipal], r=bz 2009-01-01 15:45:23 -08:00
Tyler Downer
c64b359146 Bug 471146 - remove old CAPS readme (already on devmo); r=brendan 2009-01-01 14:56:44 +01:00
Boris Zbarsky
e801383a04 Bug 460425. Do better security checks during redirection. r=sicking,biesi, sr=sicking 2008-11-25 20:50:04 -05:00
Phil Ringnalda
bbe7e1d08a Bug 461888 - Remove unused PACKAGE_FILE and PACKAGE_VARS and .pkg files, mozilla-central part, r=bsmedberg 2008-11-03 19:46:28 -08:00
Blake Kaplan
5adf556d30 Bug 396851 - Check to see if we're UniversalXPConnect-enabled to allow privileged web pages to unwrap XOWs. r+sr=bzbarsky 2008-10-22 13:15:22 -07:00
Ben Newman
17eeddcb85 Bug 460124. Remove no-longer-needed code, since now we calculate hash values for nsPrincipals in a sane way. r+sr=bzbarsky 2008-10-16 10:56:51 -04:00
Igor Bukanov
59702db0da Bug 459656 - Implementing nsIThreadJSContextStack in nsXPConnect. r+sr=mrbkap 2008-10-14 16:16:25 +02:00
Arpad Borsos
8b11d938d2 Bug 456388 - Remove PR_STATIC_CALLBACK and PR_CALLBACK(_DECL) from the tree; r+sr=brendan 2008-10-10 17:04:34 +02:00
Blake Kaplan
64c490b3ef Bug 457299 - nsScriptSecurityManager doesn't suspend the request on the current context when it starts using the safe context. r+sr=bzbarsky 2008-10-08 15:05:25 -07:00
Ben Newman
fdede899e6 Bug 454850. Make sure that whenever nsPrincipal::Equals would return true for a pair of principals their nsPrincipal::GetHashValue returns are also equal. r+sr=bzbarsky 2008-10-08 09:16:27 -04:00
David Bienvenu
aff330072d bug 453943, always disable js for mailnews for 3.0 b1, don't load pref, r=bz, sr=dmose 2008-09-21 15:21:07 -07:00
David Bienvenu
4df8ee2c63 temporarily disable js in mailnews for 3.0 b1, r=bz, sr=dmose 453943 2008-09-20 08:14:14 -07:00
Arpad Borsos
9b6f558fee Bug 398946 - Remove JS_STATIC_DLL_CALLBACK and JS_DLL_CALLBACK from the tree; r=(benjamin + bent.mozilla) 2008-09-07 00:21:43 +02:00
Ben Turner
cb1f4f55af Bug 451731 - "Update caps, dom, xpconnect for Bug 451729 (checkObjectAccess moving to the JSContext)". r+sr=jst. 2008-09-05 16:26:04 -07:00
Ben Turner
b83ece5423 Bug 453720 - "Caps should assert when scripts do not contain principals". r+sr=mrbkap. 2008-09-04 15:52:20 -07:00
Jason Orendorff
b94820fbeb Bug 451571 - Delete SetExceptionWasThrown (r=dbradley, sr=jst) 2008-08-30 18:58:36 -05:00
Shawn Wilsher
837500c108 Bug 452486 - Create components when we actually have a profile
This changeset allows components to register for the profile-after-change
category in the category manager such that they will be initialized when this
topic would normally be dispatched.
r=bsmedberg
2008-08-29 16:40:05 -04:00
Honza Bambas
ec80dcba93 Bug 442812: Implement the application cache selection algorithm. r+sr=bz 2008-08-27 18:15:32 -07:00
Shawn Wilsher
ef49cb7eca Bug 450914 - Proxy nsSimpleURI for nsNullPrincipal to the main thread (was "ASSERTION: nsSimpleURI not thread-safe" during principal destruction)
This changeset creates a threadsafe uri object for the null principal to use.
2008-08-27 18:11:02 -04:00
Dave Camp
71de9a78fb Backed out changeset 1e3d4775197a (bug 442812) 2008-08-19 22:52:05 -07:00
Honza Bambas
6b04323552 Bug 442812: Implement the application cache selection algorithm. r+sr=bz 2008-08-19 19:31:08 -07:00
Boris Zbarsky
9ec967babe Bug 434522 follow-up bustage fix. 2008-07-28 23:37:58 -07:00
Boris Zbarsky
82e19a7db4 Bug 437723. Make sure to look at the nested innermost URI when looking for the origin. r+sr=sicking 2008-07-28 23:10:05 -07:00
Boris Zbarsky
563efe0fc5 Bug 434522. Make the "Permission denied to access Class.property" mesage more useful. r+sr=jst 2008-07-28 23:03:19 -07:00
jonas@sicking.cc
2558cdb12f Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it 2008-04-18 10:35:55 -07:00
gavin@gavinsharp.com
64695153a3 Rework test for bug 292789 to try and fix the timeout on qm-centos5-01 2008-04-14 01:50:51 -07:00
dveditz@cruzio.com
17cf11825a tests for bug 292789 -- forgot during checkin 2008-04-12 17:55:45 -07:00
dveditz@cruzio.com
8689328ff5 bug 292789 prevent use of chrome: URIs from <script>, <img> stylesheets, etc except for chrome packages explicitly marked contentaccessible. r=bzbarsky, sr=jst, a=beltzner 2008-04-12 14:26:19 -07:00
jonas@sicking.cc
9b874a6992 Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz 2008-04-08 17:38:12 -07:00
igor@mir2.org
c0d5c51190 [bug 423874] backing out as a simpler patch would do the job with less code. 2008-03-29 03:34:29 -07:00
igor@mir2.org
7598733582 [bug 424376] backing out - too much compatibility problems. 2008-03-28 15:27:36 -07:00
bzbarsky@mit.edu
2db2275e45 Fix bug 421228. r+sr=sicking 2008-03-27 20:46:15 -07:00
igor@mir2.org
51dcc8a464 bug=424376 r=brendan a1.9b5=beltzner Compile-time function objects are no longer exposed through SpiderMonkey API. 2008-03-23 03:16:40 -07:00
jst@mozilla.org
14b80d26bc Landing followup fix for bug 402983 and re-enabling the new stricter file URI security policies. r+sr=bzbarsky@mit.edu 2008-03-22 09:50:47 -07:00
igor@mir2.org
eaa513c2f5 bug=423874 r=brendan a1.9b5=dsicore Allocating native functions together with JSObject 2008-03-21 01:19:23 -07:00
jst@mozilla.org
8b8c02a394 Fixing orange from bug 402983. Make file:///foo and file:////foo#bar compare as equal URLs. r+sr=bzbarsky@mit.edu 2008-03-20 23:01:55 -07:00
jst@mozilla.org
89acfcbf1a Landing fix for bug 402983. Make security checks on file:// URIs symmetric. Patch by dveditz@cruzio.com, r=jonas@sicking.cc,bzbarsky@mit.edu. jst@mozilla.org 2008-03-20 21:39:08 -07:00
shaver@mozilla.org
dfe9ba8c69 Bug 246699: report better errors (with stacks) for security denials. r+sr=jst, a=mconnor. 2008-03-20 01:19:15 -07:00
shaver@mozilla.org
ec9eab3d12 Test for bug 423379 (content can load chrome and/or resource), r/sr=jst. 2008-03-19 15:14:51 -07:00
shaver@mozilla.org
aedf8d5eb3 (NPOTB, r=mrbkap, a=lumpy) Remove ancient caps test cruft in preparation for incoming mochitests. Also so that the tests listed in securetest.list will not mock me from beyond the NSCP grave. 2008-03-19 14:26:09 -07:00
jonas@sicking.cc
21fb00611b Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz 2008-03-18 17:27:56 -07:00
bzbarsky@mit.edu
5383803699 Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst 2008-03-18 14:14:49 -07:00
gavin@gavinsharp.com
b468aa6f00 Back out bug 246699 to fix bug 423375, per shaver 2008-03-17 07:10:48 -07:00
timeless@mozdev.org
7b35ecf9cb Bug 246699 CAPS security exceptions should throw richer exception info (not just raw string) r=shaver a=shaver 2008-03-11 10:30:23 -07:00
reed@reedloden.com
ccc33c98c5 Bug 420081 - "Case mismatch between nsIURI and nsIUri in nsIPrincipal.idl" [p=mschroeder@mozilla.x-home.org (Martin Schröder [mschroeder]) r+sr=jst a1.9=beltzner] 2008-03-08 03:20:21 -08:00
jonas@sicking.cc
65f4571f58 Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv 2008-02-26 19:45:29 -08:00
myk@mozilla.org
b5e898ddd7 backing out fix for bug 416534 as potential cause of mochitest failure 2008-02-26 19:23:36 -08:00
jonas@sicking.cc
84548acb75 Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv 2008-02-26 18:17:49 -08:00
Olli.Pettay@helsinki.fi
67622f2077 Bug 411054, Audit IsNativeAnonymous()/GetBindingParent() uses, r+sr=sicking 2008-02-26 04:40:18 -08:00
reed@reedloden.com
7b58057fad Bug 417710 - "Use JS_GET_CLASS, not JS_GetClass" [p=gyuyoung.kim@samsung.com (gyu-young kim) r=jorendorff r=jst sr+a1.9=brendan] 2008-02-25 00:59:20 -08:00
jonas@sicking.cc
ba446696ec Bug 397878: Send Referer-Root header when doing cross-site access requests. Also update domain pattern matching to spec. Patch by <suryaismail@gmail.com>. r=bent sr=sicking b3a=beltzner 2008-01-31 00:16:54 -08:00
jst@mozilla.org
85f3006178 Fixing bustage. 2008-01-29 13:11:24 -08:00
jst@mozilla.org
6ecbc04940 Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org 2008-01-29 12:51:01 -08:00
jst@mozilla.org
a2481a1918 Fixing bug 317240. Re-enabling caps optimization now that a documents principal never changes. r+sr=bzbarsky@mit.edu 2008-01-28 09:51:38 -08:00
jst@mozilla.org
0b7afd6193 Fixing bug 412691. Remove unnecessary nsCOMPtr's from performance critical code paths. r+sr=jonas@sicking.cc 2008-01-16 16:32:26 -08:00
benjamin@smedbergs.us
dfc4cee45d Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
dwitte@stanford.edu
97a45f037f thoroughly whack mallocfest in nsID/nsJSID and friends. b=410250, r+sr=jst, a=blocking1.9+ 2008-01-11 20:30:42 -08:00
dwitte@stanford.edu
9d626da131 partial backout in an attempt to fix orange. 2008-01-11 02:08:58 -08:00
dwitte@stanford.edu
8a6c4d235f relanding bug 410250. 2008-01-11 01:13:04 -08:00
dwitte@stanford.edu
d2b6f4f5ed backing out to fix orange. 2008-01-10 20:59:44 -08:00
dwitte@stanford.edu
1798542e9f thoroughly whack mallocfest in nsID/nsJSID and friends. b=410250, r+sr=jst, a=blocking1.9+ 2008-01-10 19:56:00 -08:00
timeless@mozdev.org
c96d0561e1 Bug 334306 useless null check in nsDestroyJSPrincipals r=dbaron sr=dveditz a=mtschrep 2008-01-06 06:53:24 -08:00
mrbkap@gmail.com
32601361e2 Always throw an exception, even if we cannot reach a principal. bug 409514, r+sr+a=jst 2008-01-04 17:32:23 -08:00
jst@mozilla.org
41ea116da8 Fixing bug 410851. Expose a faster way of getting the subject principal, and use that from performance critical code. r+sr=mrbkap@gmail.com 2008-01-04 15:59:12 -08:00
mrbkap@gmail.com
ca0549b22f XPCNativeWrappers can confuse the short-circuiting code. bug 409291, r+sr=jst a=beltzner 2007-12-21 11:06:29 -08:00
jst@mozilla.org
17c85fe694 Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org 2007-12-12 15:02:25 -08:00
philringnalda@gmail.com
2970c7f3be Bug 400247 - remove XP_MAC deadcode in nsScriptSecurityManager.cpp, r+sr=bz, a=dsicore 2007-11-12 19:23:17 -08:00
tglek@mozilla.com
9c6d7f11a1 Bug 398574:Prbool fixes r=bz a=release drivers 2007-11-12 13:47:11 -08:00
jonas@sicking.cc
903acf3ee6 bug 394390: Don't report bogus warnings to the error console when using cross-site xmlhttprequest. Patch by Surya Ismail <suryaismail@gmail.com>, r/sr=sicking 2007-10-26 18:46:09 -07:00
bzbarsky@mit.edu
06f6b88b65 Make the "href" property of stylesheets reflect the original URI that was reflected to load the sheet. Bug 397427, r=dbaron,biesi, sr=dbaron, a=dsicore 2007-10-23 14:56:41 -07:00
bzbarsky@mit.edu
f213fb7ef5 Somewhat reduce the amount of memory an nsPrincipal allocates in the common case. Bug 397733, r+sr+a=jst 2007-09-28 07:31:04 -07:00
bzbarsky@mit.edu
8ff844ab55 Make the nsISerializable implementation of nsPrincipal actually work. This makes it possible to save principal objects to a stream and read them back. Bug 369566, r=dveditz+brendan, sr=jst, a=jst 2007-09-17 15:18:28 -07:00
dveditz@cruzio.com
8877000696 bugs 230606 and 209234: add options to restrict file: URI same-origin policies, r+sr=jst, blocking+=pavlov 2007-09-06 00:02:57 -07:00
bent.mozilla@gmail.com
fd28607fdf Bug 304048 - Backing out patch due to TXUL regression. 2007-08-30 17:52:58 -07:00
bent.mozilla@gmail.com
dea35a2d77 Bug 304048 - "xpconnect getters/setters don't have principals until after they pass or fail their security check." Patch by jst, sr=bzbarsky, a=jst. 2007-08-28 17:16:21 -07:00
bzbarsky@mit.edu
3aad27711a Add some sanity null-checks. Bug 387446, r=dveditz, sr+a=jst 2007-08-06 19:09:16 -07:00
sdwilsh@shawnwilsher.com
d8e0b2e9bf Bustage fix 2007-07-11 14:20:11 -07:00
jwalden@mit.edu
e3c4baccae Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros. 2007-07-08 00:08:04 -07:00
bzbarsky@mit.edu
5eafaa49e5 Make security manager API more useful from script. Make more things
scriptable, and add a scriptable method for testing whether a given principal
is the system principal.  Bug 383783, r=dveditz, sr=jst
2007-06-18 08:12:09 -07:00
bzbarsky@mit.edu
5289e91a54 Optimize immutability of codebase/domain a little bit. Bug 380475, r=dveditz, sr=biesi 2007-06-18 08:07:02 -07:00
bzbarsky@mit.edu
e9c47c9a9e Make nsPrincipal::Equals compare codebases, not just certs, for certificate
principals.  Bug 369201, r=dveditz, sr=jst
2007-06-18 08:01:53 -07:00
benjamin@smedbergs.us
2e25a321f8 Bug 376636 - Building with gcc 4.3 and -pendatic fails due to extra semicolons, patch by Art Haas <ahaas@airmail.net>, rs=me 2007-04-23 07:21:53 -07:00
dbaron@dbaron.org
a7d9802f77 Remove GetKeyPointer method from nsTHashtable key types. b=374906 r=bsmedberg 2007-03-27 08:34:59 -07:00
dbaron@dbaron.org
85eb65ced4 Remove unused getKey callback from PLDHashTableOps/JSDHashTableOps. b=374906 r=bsmedberg 2007-03-27 08:33:38 -07:00
hg@mozilla.com
465265d0d4 Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT, 2007-03-22 10:30:00 -07:00