Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-31 22:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
339,192 Commits 615 Branches 98 Tags 6 GiB
4721c0729c
Commit Graph

1212 Commits

Author SHA1 Message Date
Trevor Saunders
d43c55ca0e bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj 2013-12-12 20:50:01 -05:00
Bobby Holley
ea86682111 Bug 913734 - Remove namespace mozilla::hotness. r=mrbkap 2013-12-13 19:15:44 -08:00
Bobby Holley
ebe6344137 Bug 913734 - Remove EnabledID() machinery. r=mrbkap 2013-12-13 19:15:44 -08:00
Bobby Holley
041e66aa0e Bug 913734 - Remove now-unused policy machinery. r=mrbkap 2013-12-13 19:15:43 -08:00
Bobby Holley
d99e6b8d97 Bug 913734 - Stop consulting domain policies in CAPS. r=mrbkap 
The whole LookupPolicy juggernaut is basically a mechanism for setting custom
per-(protocol, origin, property, action) access control in the preferences
service.

There are two sets of preferences currently in all.js. One of them is set up
for mailnews, for the mailbox:, imap:, and news: protocols. According to jst,
this was designed as a whack-a-mole security mechanism for javascript running
in HTML email. IIUC, we no longer allow JS to run at all in mailnews, so this
is obsolete.

The other mechanism appears to be our old-fashioned implementation of the
same-origin policy, which has been obsoleted by the new compartment
architecture.

In addition, most of this stuff was obsoleted by the new dom bindings, since
these DOM classes no longer go through XPCWrappedNativeJSOps, and thus no
longer trigger these security checks at all.

We stop using the infrastructure in this patch, and rip it out in the next one.
 2013-12-13 19:15:43 -08:00
Bobby Holley
bdd70cb368 Bug 913734 - Stop storing security policies on XPCWrappedNativeProtos. r=mrbkap 
This is just a cache, so we can safely remove it without impacting correctness.
The rest of this mechanism goes away in subsequent patches.
 2013-12-13 19:15:43 -08:00
Birunthan Mohanathas
3440613a39 Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo 
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
 2013-12-08 21:52:54 -05:00
Bobby Holley
62578248db Bug 932906 - Exempt Remote XUL from CanCreateWrapper checks. r=bz 2013-12-04 19:15:40 -08:00
Joshua Cranmer
ae71929347 Bug 884676 - Convert JSPrincipals::refcount to Atomic<int32_t> in JS_THREADSAFE builds, and remove JS_ATOMIC_*. r=Waldo 2013-11-27 09:37:10 -06:00
Deian Stefan
3f9a418ee1 Bug 886164 - Enforce CSP in sandboxed iframe, r=grobinson 2013-11-22 15:12:00 -08:00
Michael Shuen
26c0110ca6 Bug 941332 - Build caps/src in unified mode. r=ehsan 2013-11-21 09:22:26 -05:00
Mike Hommey
2812d11fce Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps 
Landing on a CLOSED TREE.
 2013-11-19 11:50:54 +09:00
Mike Hommey
e06d795c71 Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps 2013-11-19 11:48:10 +09:00
Mike Hommey
26bc04d200 Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal 2013-11-19 11:47:43 +09:00
Mike Hommey
e80e877ab7 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Mike Hommey
ffe0380912 Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps 2013-11-19 11:47:14 +09:00
Tom Schuster
4478f5b384 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Ms2ger
cca4d45da6 Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage. 2013-11-17 16:39:25 +01:00
Tom Schuster
bc757ef965 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Bobby Holley
2f55900502 Bug 840488 - Tests. r=bz 2013-11-12 16:43:35 -08:00
Bobby Holley
93808be553 Bug 840488 - New domain policy API. r=bz 
Note that this patch changes the semantics of javascript.enabled so that changes
to the pref do not apply to compartments that have already been created. This is
a significant change, but is necessary to support the new domain policy API.
After one cycle or so, we'll rip out the old API.
 2013-11-12 16:43:35 -08:00
Bobby Holley
95ac2b3227 Bug 840488 - Compute immunity from caps checks exactly once, and kill nsScriptSecurityManager::CanExecuteScripts. r=bz 2013-11-12 16:43:35 -08:00
Bobby Holley
8e73b817c0 Bug 840488 - Remove per-JSContext script toggling. r=bz 
Note that the checks in nsJSEnvironment::EvaluateString and EvalInWindow
can safely go away, because we call ssm->ScriptAllowed() in
nsJSUtils::EvaluateString.
 2013-11-12 16:43:35 -08:00
Bobby Holley
5e788f9565 Bug 840488 - Directly mark compartments whose docshells disable script execution. r=bz 2013-11-12 16:43:33 -08:00
Bobby Holley
358692053b Bug 840488 - Introduce a mechanism to temporarily or permanently block script for a given scope, and use it for unsafe channels. r=bz 2013-11-12 16:43:33 -08:00
Bobby Holley
a17328e5cc Bug 840488 - Remove CheckFunctionAccess. r=bz 
\o/

Aside from checking whether script is enabled, all the other work this function
does is silly.
 2013-11-12 16:43:32 -08:00
Bobby Holley
63af01c6e2 Bug 840488 - Get rid of aAllowIfNoScriptContext. r=bz 
The old code seemed to feel that the lack of a script context was some sort of
showdown that required either unconditional allow or deny. Instead, let's just
make the scriptcontext-relevant checks conditional on there being a script
context, which lets us switch CheckFunctionAccess over to ScriptAllowed.
 2013-11-12 16:43:32 -08:00
Bobby Holley
074ccfec30 Bug 840488 - Refactor Gecko to provide a more direct API to ask whether script is allowed for a given global. r=bz 2013-11-12 16:43:31 -08:00
Garrett Robinson
1da990368c Bug 855326 - CSP 1.1 nonce-source for scripts and styles r=mrbkap r=dholbert r=geekboy 2013-11-08 15:44:39 -08:00
Daniel Holbert
9a3437dd77 backout 57213b64023b (bug 855326) for build bustage in debug builds 
CLOSED TREE
 2013-11-08 11:22:36 -08:00
Garrett Robinson
5add685cdd Bug 855326 - CSP 1.1 nonce-source for scripts and styles. r=mrbkap r=dholbert r=geekboy 2013-11-08 09:20:43 -08:00
Nicholas Nethercote
3b80765894 Bug 925584 - Remove some unnecessary jsapi.h inclusions from .cpp files. r=Ms2ger. 
--HG--
extra : rebase_source : 41fcb0e922a519ef679c1c1b6293c2b638e83a48
 2013-10-10 15:22:35 -07:00
Mike Hommey
b000a846c2 Bug 929905 - Consolidate sources in moz.build. r=gps 2013-10-25 08:23:05 +09:00
Carsten "Tomcat" Book
6fb588efa7 merge b2g-inbound to mozilla-central 2013-10-09 10:13:52 +02:00
Karl Tomlinson
31f8c782f2 b=923591 don't warn when checkLoadURIStrWithPrincipal() returns NS_ERROR_DOM_BAD_URI r=bz 
--HG--
extra : transplant_source : J%09t%A3Z%B4%8C%B9%99%E0O%CE3%7Ex%93vu%9BA
 2013-10-09 15:32:38 +13:00
Fabrice Desré
628b85da4f Bug 918658 - Don't pretend that mozIApplication inherits from mozIDOMApplication r=bent 2013-10-08 15:52:26 -07:00
Christoph Kerschbaumer
a8eb623c18 Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc 2013-08-19 12:31:24 -07:00
Trevor Saunders
6e22b00095 bug 920754 - rm more makefiles r=mshal 2013-09-25 16:39:06 -04:00
Gregory Szorc
1cff342d15 Bug 920223 - Part 1: Mass convert MOCHITEST_FILES to manifests; rs=Ms2ger 2013-09-30 09:51:57 +02:00
Ed Morley
18a411a55c Backed out changeset 77bff106b704 (bug 920223) 2013-09-30 12:50:12 +01:00
Gregory Szorc
6ed63cb064 Bug 920223 - Part 1: Mass convert MOCHITEST_FILES to manifests; rs=Ms2ger 2013-09-30 09:51:57 +02:00
Ehsan Akhgari
8b1e734ef4 Backed out changeset a73ffb0d0c97 because of build bustage 2013-09-29 17:20:07 -04:00
Ehsan Akhgari
f3d364af5a Remove a number of unused variables, no bug 2013-09-29 16:42:12 -04:00
Carsten "Tomcat" Book
fba1ba6542 Backed out changeset 0cc959e28407 (bug 897516) failed XPC Shell tests CLOSED TREE 2013-09-27 15:45:31 +02:00
Christoph Kerschbaumer
72cca452f5 Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc 2013-08-19 12:31:24 -07:00
Ryan VanderMeulen
b7e0804666 Backout bug 886164 for B2G regressions. 2013-09-23 21:26:05 -04:00
Jon Coppeard
7f7a4918ef Bug 918373 - GC: Handlify various public APIs r=sfink r=bholley r=smaug 2013-09-20 10:22:59 +01:00
Deian Stefan
c36df6710c Bug 886164 - Enforce CSP in sandboxed iframe. r=grobinson 2013-06-23 14:31:52 -07:00
Bobby Holley
c4c9f9e982 Bug 917009 - Remove old-style object principal calculation. r=bz 2013-09-17 15:29:11 -07:00
Terrence Cole
d4b22fae39 Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley 
--HG--
extra : rebase_source : 27bf6ef6bce3bed136921df15ea00ae86bd73f89
 2013-08-23 08:51:40 -07:00