9 Commits

Author	SHA1	Message	Date
mstoltz%netscape.com	9bb975256e	Fixes for 27010, 32878, and 32948.	2000-04-26 03:50:07 +00:00
mstoltz%netscape.com	57feeae5ec	Backing out changes until I can figure out why it's crashing on startup.	2000-04-23 21:25:39 +00:00
mstoltz%netscape.com	62bffdd26e	Fixes for bugs 27010, 32878, 32948.	2000-04-23 20:30:29 +00:00
norris%netscape.com	7d053b70b0	Adding nsAggregatePrincipal support. r=norris	2000-03-21 04:05:35 +00:00
norris%netscape.com	2b4b436f5f	Fix 25062 Reload vulnerability ... 25206 Reload vulnerability #2 Implement grant dialogs and persistence for capabilities. most r=mstoltz, some code from morse w/ r=norris	2000-02-10 04:56:56 +00:00
norris%netscape.com	4f128298d2	Fix 22909 previousSibling vulnerability ... r=mstoltz	2000-01-06 00:59:18 +00:00
norris%netscape.com	7cd400a26f	* Fix the following bugs by tightening the default security policy. ... 17977 [DOGFOOD] Reading documents using document.body 17538 document.lastModified is exposed 17537 document.images vulnerabilities 16036 [DOGFOOD] document.Element exposes the DOM of documents from 15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen 15550 Injecting text in documents from any domain using createText 15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary * Create an array of dom property policy types and initialize it when the script security manager is created. * Move some implementation code to a new shared implementation base class. * Implement privilege enabling, disabling and reverting * Implement stack walking for checking privileges. r=mstoltz@netscape.com * Modify nsIPref to support security policy work. r=neeti@netscape.com	1999-11-11 22:10:36 +00:00
dmose%mozilla.org	142ac52eaf	updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org	1999-11-06 03:43:54 +00:00
norris%netscape.com	ec9d253f50	Add all-powerful system principals. Remove some dead code from the build.	1999-09-01 00:54:35 +00:00