Vaibhav Agarwal
b192b2603d
Bug 971132 - B2G mochitests should use the new manifest format; r=jmaher
2014-03-06 13:42:43 -05:00
Luke Wagner
13dba8c69f
Bug 976348 - Change DescribeScriptedCaller to not return a JSScript (r=bholley)
...
--HG--
extra : rebase_source : 58387ce3e4c49d3140b92b84bf3577fc6584820e
2014-02-25 09:43:14 -06:00
Bobby Holley
0b617791f7
Bug 956382 - Remove implementations of *IgnoringDomain variants. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
b0bfce7adb
Bug 956382 - Remove unused CAPS gunk. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
890321fe88
Bug 956382 - Hoist nsScriptSecurityManager::CheckSameOriginPrincipal into nsPrincipal::EqualsConsideringDomain. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
397263afdb
Bug 956382 - Ignore document.domain by default. r=mrbkap
2014-02-13 18:57:36 -08:00
Bobby Holley
22b7a4d6a4
Bug 956382 - Introduce an explicit API to do principal checks with document.domain. r=mrbkap
2014-02-13 18:57:34 -08:00
Bobby Holley
876aaba4b2
Bug 972478 - Docshell scriptability should only affect non-immune principals. r=bz
2014-02-13 15:40:50 -08:00
Sid Stamm
63be537c78
Bug 911547 - make nsIContentSecurityPolicy serializable and trigger read/write from nsPrincipal. r=jst,grobinson
...
--HG--
extra : rebase_source : 3e1846e15538729f3c94f5c1470959b5d7b31f0f
2014-01-23 15:34:59 -08:00
Bobby Holley
3b985cf9d7
Bug 957688 - Remove nsIXPCSecurityManager::CanAccess and nsScriptSecurityManager::CheckPropertyAccessImpl. r=mrbkap
...
\o/
2014-01-24 16:08:26 -08:00
Bobby Holley
17b7b929d6
Bug 957688 - Remove nsIScriptSecurityManager::CheckPropertyAccess. r=mrbkap
2014-01-24 16:08:26 -08:00
Bobby Holley
400e5a6f32
Bug 957688 - Remove checkObjectAccess security callback. r=mrbkap
...
There's no need for the JS shell stuff either, since vm/Runtime.cpp already
sets up NullSecurityCallbacks by default.
2014-01-24 16:08:25 -08:00
Terrence Cole
20431f8abe
Bug 959787 - Handlify several JSAPI interfaces that can GC, Part 4; r=sfink,r=bz
...
--HG--
extra : rebase_source : 8e1ff566f47795cd82e3f4c0a6fa37b88e7847b4
2014-01-17 10:08:51 -08:00
Bobby Holley
43e5dd28b3
Bug 794943 - Remove CheckXPCPermissions. r=mrbkap
2014-01-16 15:45:40 -08:00
Bobby Holley
4fb4f2219e
Bug 794943 - Remove nsISecurityCheckedComponent interface. r=mrbkap
2014-01-16 15:45:40 -08:00
Bobby Holley
26c0f3639c
Bug 794943 - Remove checks for nsISecurityCheckedComponent in caps. r=mrbkap
2014-01-16 15:45:40 -08:00
Tom Schuster
5e3191afd2
Bug 939294 - Change xpidl jsval to handles. r=gabor,bz,khuey,bsmedberg,terrence
2014-01-09 18:39:36 +01:00
Garrett Robinson
c3275ebb9b
Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap
2014-01-02 11:14:06 -08:00
Christian Legnitto
170d2cae88
Bug 935377 - Firefox should fix common scheme typos, r=dolske
2014-01-12 12:02:27 -08:00
Ryan VanderMeulen
f4de297d84
Backed out 6 changesets (bug 939294) for B2G bustage on a CLOSED TREE.
...
Backed out changeset 8c3aa9973da0 (bug 939294)
Backed out changeset 37098c13e59e (bug 939294)
Backed out changeset 7c9ade6c871c (bug 939294)
Backed out changeset fed59539afc1 (bug 939294)
Backed out changeset 89e9d3fa16fc (bug 939294)
Backed out changeset c97e58ebc5f4 (bug 939294)
2014-01-09 14:17:39 -05:00
Tom Schuster
21327fd2ce
Bug 939294 - Handlify all the rest. r=terrence
2014-01-09 18:39:37 +01:00
Gabor Krizsanits
e43c830de6
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
2014-01-09 15:28:46 +01:00
Carsten "Tomcat" Book
c87090db07
Backed out changeset 18eeafedd180 (bug 952192) XPC Shell Bustage on a CLOSED TREE
2014-01-09 12:53:22 +01:00
Gabor Krizsanits
e49d78a446
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
2014-01-09 11:31:33 +01:00
Ehsan Akhgari
eaa7491d77
Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc
...
This patch was automatically generated by the following script:
#!/bin/bash
# Command to convert PRUnichar to char16_t
function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
! -wholename "*security/nss*" \
! -wholename "*modules/libmar*" \
! -wholename "*/.hg*" \
! -wholename "obj-ff-dbg*" \
! -name prtypes.h \
! -name Char16.h \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.c" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert PRUnichar char16_t
2014-01-04 10:02:17 -05:00
Luke Wagner
d169b4cf47
Bug 924905 - Do a subsumes check inside the stack iterator. r=jandem
...
--HG--
extra : rebase_source : ff8407c4f79fd3e2264470379470c526a751e45f
2014-01-03 10:32:56 -06:00
Trevor Saunders
c2b2fcd3d4
bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj
2013-12-12 20:50:01 -05:00
Bobby Holley
ef89950db8
Bug 913734 - Remove namespace mozilla::hotness. r=mrbkap
2013-12-13 19:15:44 -08:00
Bobby Holley
de33dca828
Bug 913734 - Remove EnabledID() machinery. r=mrbkap
2013-12-13 19:15:44 -08:00
Bobby Holley
a3b92ad7aa
Bug 913734 - Remove now-unused policy machinery. r=mrbkap
2013-12-13 19:15:43 -08:00
Bobby Holley
79e6071dc4
Bug 913734 - Stop consulting domain policies in CAPS. r=mrbkap
...
The whole LookupPolicy juggernaut is basically a mechanism for setting custom
per-(protocol, origin, property, action) access control in the preferences
service.
There are two sets of preferences currently in all.js. One of them is set up
for mailnews, for the mailbox:, imap:, and news: protocols. According to jst,
this was designed as a whack-a-mole security mechanism for javascript running
in HTML email. IIUC, we no longer allow JS to run at all in mailnews, so this
is obsolete.
The other mechanism appears to be our old-fashioned implementation of the
same-origin policy, which has been obsoleted by the new compartment
architecture.
In addition, most of this stuff was obsoleted by the new dom bindings, since
these DOM classes no longer go through XPCWrappedNativeJSOps, and thus no
longer trigger these security checks at all.
We stop using the infrastructure in this patch, and rip it out in the next one.
2013-12-13 19:15:43 -08:00
Bobby Holley
c919bbd7bf
Bug 913734 - Stop storing security policies on XPCWrappedNativeProtos. r=mrbkap
...
This is just a cache, so we can safely remove it without impacting correctness.
The rest of this mechanism goes away in subsequent patches.
2013-12-13 19:15:43 -08:00
Birunthan Mohanathas
58325c73be
Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo
...
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
2013-12-08 21:52:54 -05:00
Bobby Holley
c5cf24313d
Bug 932906 - Exempt Remote XUL from CanCreateWrapper checks. r=bz
2013-12-04 19:15:40 -08:00
Joshua Cranmer
34b10dd70f
Bug 884676 - Convert JSPrincipals::refcount to Atomic<int32_t> in JS_THREADSAFE builds, and remove JS_ATOMIC_*. r=Waldo
2013-11-27 09:37:10 -06:00
Deian Stefan
d4fabf325e
Bug 886164 - Enforce CSP in sandboxed iframe, r=grobinson
2013-11-22 15:12:00 -08:00
Michael Shuen
f0ed23aa2a
Bug 941332 - Build caps/src in unified mode. r=ehsan
2013-11-21 09:22:26 -05:00
Mike Hommey
931cb49886
Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps
...
Landing on a CLOSED TREE.
2013-11-19 11:50:54 +09:00
Mike Hommey
db9e5129bc
Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps
2013-11-19 11:48:10 +09:00
Mike Hommey
b18be7aacd
Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal
2013-11-19 11:47:43 +09:00
Mike Hommey
f0d1cd1e10
Bug 939044 - Remove most definitions of MODULE. r=mshal
2013-11-19 11:47:39 +09:00
Mike Hommey
f81885e53b
Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps
2013-11-19 11:47:14 +09:00
Tom Schuster
f052cdba92
Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz
2013-11-16 13:31:36 +01:00
Ms2ger
29adada2a2
Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage.
2013-11-17 16:39:25 +01:00
Tom Schuster
a12aa024e6
Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz
2013-11-16 13:31:36 +01:00
Bobby Holley
bb42d1a217
Bug 840488 - Tests. r=bz
2013-11-12 16:43:35 -08:00
Bobby Holley
db1330e2ca
Bug 840488 - New domain policy API. r=bz
...
Note that this patch changes the semantics of javascript.enabled so that changes
to the pref do not apply to compartments that have already been created. This is
a significant change, but is necessary to support the new domain policy API.
After one cycle or so, we'll rip out the old API.
2013-11-12 16:43:35 -08:00
Bobby Holley
c04d2567ce
Bug 840488 - Compute immunity from caps checks exactly once, and kill nsScriptSecurityManager::CanExecuteScripts. r=bz
2013-11-12 16:43:35 -08:00
Bobby Holley
23cf12e7bb
Bug 840488 - Remove per-JSContext script toggling. r=bz
...
Note that the checks in nsJSEnvironment::EvaluateString and EvalInWindow
can safely go away, because we call ssm->ScriptAllowed() in
nsJSUtils::EvaluateString.
2013-11-12 16:43:35 -08:00
Bobby Holley
a10c940425
Bug 840488 - Directly mark compartments whose docshells disable script execution. r=bz
2013-11-12 16:43:33 -08:00