Commit Graph

145 Commits

Author SHA1 Message Date
Bobby Holley
400e5a6f32 Bug 957688 - Remove checkObjectAccess security callback. r=mrbkap
There's no need for the JS shell stuff either, since vm/Runtime.cpp already
sets up NullSecurityCallbacks by default.
2014-01-24 16:08:25 -08:00
Bobby Holley
43e5dd28b3 Bug 794943 - Remove CheckXPCPermissions. r=mrbkap 2014-01-16 15:45:40 -08:00
Bobby Holley
26c0f3639c Bug 794943 - Remove checks for nsISecurityCheckedComponent in caps. r=mrbkap 2014-01-16 15:45:40 -08:00
Luke Wagner
d169b4cf47 Bug 924905 - Do a subsumes check inside the stack iterator. r=jandem
--HG--
extra : rebase_source : ff8407c4f79fd3e2264470379470c526a751e45f
2014-01-03 10:32:56 -06:00
Bobby Holley
ef89950db8 Bug 913734 - Remove namespace mozilla::hotness. r=mrbkap 2013-12-13 19:15:44 -08:00
Bobby Holley
a3b92ad7aa Bug 913734 - Remove now-unused policy machinery. r=mrbkap 2013-12-13 19:15:43 -08:00
Bobby Holley
c919bbd7bf Bug 913734 - Stop storing security policies on XPCWrappedNativeProtos. r=mrbkap
This is just a cache, so we can safely remove it without impacting correctness.
The rest of this mechanism goes away in subsequent patches.
2013-12-13 19:15:43 -08:00
Deian Stefan
d4fabf325e Bug 886164 - Enforce CSP in sandboxed iframe, r=grobinson 2013-11-22 15:12:00 -08:00
Mike Hommey
f0d1cd1e10 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Bobby Holley
db1330e2ca Bug 840488 - New domain policy API. r=bz
Note that this patch changes the semantics of javascript.enabled so that changes
to the pref do not apply to compartments that have already been created. This is
a significant change, but is necessary to support the new domain policy API.
After one cycle or so, we'll rip out the old API.
2013-11-12 16:43:35 -08:00
Bobby Holley
c04d2567ce Bug 840488 - Compute immunity from caps checks exactly once, and kill nsScriptSecurityManager::CanExecuteScripts. r=bz 2013-11-12 16:43:35 -08:00
Bobby Holley
8f0a543a5c Bug 840488 - Get rid of aAllowIfNoScriptContext. r=bz
The old code seemed to feel that the lack of a script context was some sort of
showdown that required either unconditional allow or deny. Instead, let's just
make the scriptcontext-relevant checks conditional on there being a script
context, which lets us switch CheckFunctionAccess over to ScriptAllowed.
2013-11-12 16:43:32 -08:00
Ryan VanderMeulen
be66de2bb1 Backout bug 886164 for B2G regressions. 2013-09-23 21:26:05 -04:00
Deian Stefan
b8838cbd40 Bug 886164 - Enforce CSP in sandboxed iframe. r=grobinson 2013-06-23 14:31:52 -07:00
Bobby Holley
50e7599f3d Bug 917009 - Remove old-style object principal calculation. r=bz 2013-09-17 15:29:11 -07:00
Terrence Cole
f5dd5ae961 Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley
--HG--
extra : rebase_source : 27bf6ef6bce3bed136921df15ea00ae86bd73f89
2013-08-23 08:51:40 -07:00
Jan Varga
67195df918 Bug 785884 - Implement support for temporary storage (aka shared pool). r=ehsan, r=bent
--HG--
rename : caps/tests/mochitest/test_principal_extendedorigin_appid_appstatus.html => caps/tests/mochitest/test_principal_jarprefix_origin_appid_appstatus.html
rename : dom/quota/UsageRunnable.h => dom/quota/UsageInfo.h
2013-09-11 06:18:36 +02:00
Bobby Holley
a650c85e02 Bug 905364 - Stop using the SafeJSContext in nsScriptSecurityManager::Init. r=mrbkap
With this patch, I've confirmed that we instantiate the SafeJSContext much later
in startup, during nsAppStartupNotifier::Observe (which ends up invoking an
XPCWrappedJS). As such, this should solve a number of our startup ordering woes.
2013-09-06 11:35:12 -07:00
Nicholas Nethercote
d74157039d Bug 911020 - Introduce js/TypeDecls.h, which holds very commonly used type declarations from the JS engine. r=luke.
--HG--
extra : rebase_source : 008ef689989f93b46627b8be8608bdbc544ca3a2
2013-08-27 19:59:14 -07:00
Nicholas Nethercote
b89a8ac1c0 Bug 905017 (part 1) - Minimize inclusions of JS engine headers in .h and .idl files. r=billm.
--HG--
extra : rebase_source : 984c61ab12f46be0509b1ce0d458d9a6e5841c64
2013-08-17 15:50:18 -07:00
Phil Ringnalda
cfde005e04 Back out c39d60483813 (bug 905364) for xpcshell and b2g desktop bustage 2013-08-16 22:38:48 -07:00
Bobby Holley
f3b2fb17ba Bug 905364 - Stop using the SafeJSContext in nsScriptSecurityManager::Init. r=mrbkap
With this patch, I've confirmed that we instantiate the SafeJSContext much later
in startup, during nsAppStartupNotifier::Observe (which ends up invoking an
XPCWrappedJS). As such, this should solve a number of our startup ordering woes.
2013-08-16 20:28:17 -07:00
Nicholas Nethercote
849635b8f1 Bug 898914 (part 1) - Remove JSBool.
--HG--
extra : rebase_source : 2d202e0e5005a7f54724b1540481c15cde3ad52e
2013-08-08 15:53:04 -07:00
Ehsan Akhgari
3717325909 Bug 872127 - Part 2: Replace mozilla/StandardInteger.h with stdint.h; r=Waldo,ted 2013-07-30 10:25:31 -04:00
Bobby Holley
f3faf5fa9c Bug 885668 - Removed specialized function object principal machinery from CAPS. r=bz 2013-07-15 11:22:10 -07:00
Jon Coppeard
19b426b223 Bug 885310 - 1 Rename JSHandleFoo in the browser r=bz 2013-06-21 14:12:46 +01:00
Bobby Holley
ae71a232fe Bug 884362 - Use AutoJSContext in nsScriptSecurityManager::LoadPolicy. r=bz
This cx is just used for rooting etc. As such, we really just want whatever
cx is on the stack, but want a default if the stack-top cx is null (which it
sometimes is, here). And that's exactly what AutoJSContext gives us.
2013-06-20 11:05:32 -07:00
Jon Coppeard
da723794cd Bug 884371 - Remove JSMutableHandleXXX from the browser r=bz 2013-06-19 11:32:27 +01:00
Trevor Saunders
84b5066ed3 bug 873622 - remove nsScriptSecurityManager::sXPConnect r=bholley 2013-05-29 19:49:11 -04:00
Boris Zbarsky
be0882e3a1 Bug 873735 part 1. Fix the more or less mechanical browser rooting hazards. r=terrence 2013-05-20 08:40:06 -04:00
Gregory Szorc
c1b865f669 Bug 873629 - Remove 129 empty Makefile.in files; r=ted 2013-05-17 16:20:11 -07:00
Ehsan Akhgari
b4be6ea2b3 Bug 871262 - Fix rooting hazards in the CAPS code; r=till 2013-05-12 15:52:21 -04:00
David Zbarsky
2b92e27f70 Bug 867459 - Fix caps rooting hazards r=terrence 2013-05-02 22:02:40 -04:00
Bobby Holley
4afac12af4 Bug 865729 - Use sXPConnect directly in caps. r=gabor
It's tempting to go through nsContentUtils here, but I'm pretty sure caps is
initialized before nsContentUtils.
2013-04-29 11:16:21 -07:00
Mike Shal
24b4056720 Bug 846634 - Part 2: Move EXPORTS to moz.build; r=joey 2013-04-16 15:24:43 -04:00
matekm
90c6854f38 Bug 784739 - Switch from NULL to nullptr in caps/; r=ehsan 2013-04-02 20:16:25 -04:00
Kyle Machulis
f5e3aadf0b Bug 855465 - Add emacs python mode comments to moz.build files; r=gps 2013-04-01 11:36:59 -07:00
Kyle Machulis
d2b6e6e01a Backout for changeset 03452b187c14 (Bug 855465) due to bustage on a CLOSED TREE; r=qdot 2013-03-29 15:12:58 -07:00
Kyle Machulis
5663b98bc5 Bug 855465 - Add emacs python mode comments to moz.build files; r=gps
--HG--
extra : rebase_source : 004a756492323e1a049586e85b3be5037159df20
2013-03-29 13:56:18 -07:00
Mike Shal
ea1d9b8ba7 Bug 844654 - Part 2: Move MODULE to moz.build; rs=gps 2013-03-19 11:47:00 -07:00
Trevor Saunders
324dfcc313 bug 852379 - remove unecessary nsHashtable.h includes r=Ms2ger 2013-03-18 21:18:26 -04:00
Daniel Holbert
0d1377f7a3 Bug 849086: Remove unused *_CLASSNAME defines. r=bsmedberg 2013-03-15 10:52:10 -07:00
Gregory Szorc
2559da553f Bug 784841 - Bug 18f: Convert /caps; f=Ms2ger rs=ted 2013-02-25 12:47:18 -08:00
Jan de Mooij
47b9c974fe Bug 833817 part 2 - Remove unused frame argument from GetFunctionObjectPrincipal. r=bholley
--HG--
extra : rebase_source : 1a7e2428c64d806960fa749095b7d0b9ec439c01
2013-01-24 20:39:27 +01:00
Ian Melven
8e2e11cbca Bug 752529 - workers shouldn't use string origins as null principals don't have them. Part 2 - nsPrincipal GetBaseDomain (r=bz) 2013-01-08 13:53:32 -08:00
Nicholas Nethercote
62a988b8b2 Bug 826154 - Remove unused field nsScriptSecurityManager::mIsWritingPrefs. r=bz.
--HG--
extra : rebase_source : f7235787393fd6b4212aff0bb13e507bb0fd6d94
2013-01-02 21:47:50 -08:00
Ehsan Akhgari
b708151504 Merge mozilla-central into mozilla-inbound 2012-12-06 23:13:32 -05:00
Bobby Holley
9fc78ca98e Bug 807102 - Rev the CID on nsPrincipal. r=bz 2012-12-06 14:51:37 -08:00
Boris Zbarsky
d507ea257e Bug 817284. When none of our code is associated with a window in an obvious way, assume that scripts should be allowed to execute for a WebIDL callback. r=bholley 2012-12-06 15:21:18 -05:00
Bobby Holley
e8568b9e9b Bug 797206 - Remove GetPrincipalAndFrame. r=bz 2012-10-29 15:55:35 +01:00