Sid Stamm ext:(%2C%20Brandon%20Sterne%20%3Cbsterne%40mozilla.com%3E)
|
56ceec2c4c
|
bug 515433, bug 515437: Content Security Policy (CSP) core
|
2010-01-13 14:18:24 -08:00 |
|
Blake Kaplan
|
79a79a0e55
|
Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz
|
2009-08-21 18:20:20 -07:00 |
|
Johnny Stenback
|
a511964116
|
Fixing bug 442399. Remove LiveConnect from the tree. r=joshmoz@gmail.com, bclary@bclary.com, sr=brendan@mozilla.org
|
2009-06-30 15:55:16 -07:00 |
|
Blake Kaplan
|
5adf556d30
|
Bug 396851 - Check to see if we're UniversalXPConnect-enabled to allow privileged web pages to unwrap XOWs. r+sr=bzbarsky
|
2008-10-22 13:15:22 -07:00 |
|
jonas@sicking.cc
|
2558cdb12f
|
Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it
|
2008-04-18 10:35:55 -07:00 |
|
jonas@sicking.cc
|
9b874a6992
|
Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz
|
2008-04-08 17:38:12 -07:00 |
|
jonas@sicking.cc
|
21fb00611b
|
Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz
|
2008-03-18 17:27:56 -07:00 |
|
bzbarsky@mit.edu
|
5383803699
|
Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst
|
2008-03-18 14:14:49 -07:00 |
|
reed@reedloden.com
|
ccc33c98c5
|
Bug 420081 - "Case mismatch between nsIURI and nsIUri in nsIPrincipal.idl" [p=mschroeder@mozilla.x-home.org (Martin Schröder [mschroeder]) r+sr=jst a1.9=beltzner]
|
2008-03-08 03:20:21 -08:00 |
|
jonas@sicking.cc
|
65f4571f58
|
Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv
|
2008-02-26 19:45:29 -08:00 |
|
myk@mozilla.org
|
b5e898ddd7
|
backing out fix for bug 416534 as potential cause of mochitest failure
|
2008-02-26 19:23:36 -08:00 |
|
jonas@sicking.cc
|
84548acb75
|
Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv
|
2008-02-26 18:17:49 -08:00 |
|
jst@mozilla.org
|
41ea116da8
|
Fixing bug 410851. Expose a faster way of getting the subject principal, and use that from performance critical code. r+sr=mrbkap@gmail.com
|
2008-01-04 15:59:12 -08:00 |
|
jonas@sicking.cc
|
903acf3ee6
|
bug 394390: Don't report bogus warnings to the error console when using cross-site xmlhttprequest. Patch by Surya Ismail <suryaismail@gmail.com>, r/sr=sicking
|
2007-10-26 18:46:09 -07:00 |
|
bzbarsky@mit.edu
|
5eafaa49e5
|
Make security manager API more useful from script. Make more things
scriptable, and add a scriptable method for testing whether a given principal
is the system principal. Bug 383783, r=dveditz, sr=jst
|
2007-06-18 08:12:09 -07:00 |
|
hg@mozilla.com
|
465265d0d4
|
Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT,
|
2007-03-22 10:30:00 -07:00 |
|