Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-31 22:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
179,544 Commits 615 Branches 98 Tags 6 GiB
778a50719a
Commit Graph

524 Commits

Author SHA1 Message Date
hg@mozilla.com
05e5d33a57 Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT, 2007-03-22 10:30:00 -07:00
bzbarsky%mit.edu
d9f9d475bb When getting codebase principals, install the passed-in codebase on them even 
if they come from the hashtable.  Bug 269270, r=dveditz, sr=jst.
 2007-02-09 04:52:44 +00:00
bzbarsky%mit.edu
382b095c94 Get the source scheme from the right URI object. Bug 368160, r+sr=dveditz 2007-01-26 04:33:02 +00:00
bzbarsky%mit.edu
8a1b6c5e34 Make the redirect check get principals the same way we get them elsewhere. 
Clean up some code to use the new security manager method.  Bug 354693,
r=dveditz, sr=sicking
 2006-11-22 18:27:54 +00:00
gavin%gavinsharp.com
ad22de3c0c Bug 202198: fix possible leak in nsScriptSecurityManager::InitPrefs(), patch by Ryan Jones <sciguyryan+bugzilla@gmail.com>, r+sr=dveditz 2006-11-22 17:22:40 +00:00
sayrer%gmail.com
6aa99d403b Bug 360840. allocator mismatch in nsIScriptSecurityManager. r=timeless, sr=bz 2006-11-16 18:25:52 +00:00
bzbarsky%mit.edu
730516b0a1 Remove securityCompareURIs() from nsIScriptSecurityManager. Bug 327243, r+sr=jst 2006-11-14 22:46:45 +00:00
bzbarsky%mit.edu
0a3a624149 Make it possible for protocol handlers to configure how CheckLoadURI should 
treat them via their protocol flags.  Remove the protocol list we used before.
Bug 120373, r=dveditz, sr=darin
 2006-11-10 23:49:08 +00:00
bzbarsky%mit.edu
50e969de0c Introduce CheckLoadURIStrWithPrincipal(). Bug 348559, r=dveditz, sr=jst 2006-08-21 22:15:20 +00:00
pkasting%google.com
dafdf0b1eb Bug 337223: Don't expose moz-anno protocol to web pages. 
Patch by brettw
r=jst
sr=bzbarsky
 2006-08-18 21:35:16 +00:00
bzbarsky%mit.edu
e9379f3679 Remove special-casing of about:blank for security purposes; give about:blank 
pages the principal of whoever is responsible for loading them, when possible.
Bug 332182, r=mrbkap, sr=jst
 2006-08-15 17:31:16 +00:00
dveditz%cruzio.com
d3379f18b5 bug 340107 save wasted cycles checking permissions if we're just going to deny access anyway. r=mrbkap, sr=sicking 2006-06-27 00:56:41 +00:00
bzbarsky%mit.edu
282ad6509b Fiox the special-casing for about:blank to deal with it now being 
moz-safe-about:blank as far as the security manager is concerned.  Bug 342108,
r=darin, sr=jst
 2006-06-22 02:21:06 +00:00
bzbarsky%mit.edu
8cd320ad22 Allow about: modules to just set a flag to force script execution to be allowed 
for particular about: URIs, instead of hardcoding checks in the security
manager.  Bug 341313, r=darin, sr=jst
 2006-06-22 02:19:49 +00:00
bzbarsky%mit.edu
4b3cf6e788 Make the URIs of principals immutable. Bug 339822, r=dveditz, sr=darin 2006-06-20 03:17:41 +00:00
bzbarsky%mit.edu
9a60679a4c Save the principal in the session history entry so that reloading a data: URL 
will do the right thing.  Also, change CheckLoadURI to allow null
principals to load things that anyone can load (e.g. http:// URIs).  Bug
337260, r=dveditz, sr=jst
 2006-06-19 21:08:45 +00:00
bzbarsky%mit.edu
9509962b32 Move the safe vs unsafe about: distinction out of the security manager and into 
nsIAboutModule implementations.  Bug 337746, r=dveditz, sr=darin
 2006-06-19 21:02:12 +00:00
mhammond%skippinet.com.au
0f241835df Land DOM_AGNOSTIC3_BRANCH, bug 255942. r=a few people, sr=brendan. 2006-06-13 03:07:47 +00:00
mrbkap%gmail.com
98997f8669 Checking in Ben Turner <bent.mozilla@gmail.com> and timeless's patch to make Gecko use the JS engine's request model to help multithreaded embedders avoid GC races and crashes. bug 176182, r=mrbkap assumed-rs=brendan 2006-06-12 22:39:55 +00:00
igor%mir2.org
65028a8035 Bug 338678: For source compatibility fields "uint16 extra,spare" in JSFunctionSpec are replaced by singe "uint32 extra". In this way we do need to update the current sources that list just 5 fields to include the additional ",0" corresponding to "spare" field. To quell GCC warnings all sources that list less then 5 fields of JSFunctionSpec are updated to explicitly list all 5 fields. r=mrbkap, s=brendan 2006-05-22 22:58:31 +00:00
bzbarsky%mit.edu
f78182b042 Make GetOrigin dig into nested URIs. Bug 336303, r=dveditz, sr=jst 2006-05-12 00:05:40 +00:00
bzbarsky%mit.edu
6e7e8da8e6 Create our URIs by hand (since we have our own scheme), instead of going 
through the ioService.  Also fixes some threadsafety stuff.  Bug 337513,
r=dveditz, sr=darin.
 2006-05-11 16:06:35 +00:00
cbiesinger%web.de
51a89a8b1e bug 335180 Remove win32.order, mozilla-bin.order, --enable-reorder, and 
associated code. These options do not really work anymore.

r=bsmedberg
 2006-05-06 17:53:51 +00:00
bzbarsky%mit.edu
3aaa1fe7df Disable optimization that relies on invariants we don't maintain. Bug 317240 
wallpaper, r+sr=jst
 2006-05-04 15:23:43 +00:00
bzbarsky%mit.edu
a40420a6d3 Deal with null subject URIs in SecurityCompareURIs. Bug 336432, r=dveditz, sr=jst 2006-05-04 02:29:46 +00:00
darin%meer.net
4a94571cee fixes bug 214672 "Further optimization and correctness improvements of libjar: streamlining nsJarInputStream" patch by Alfred Kayser <alfredkayser@nl.ibm.com>, r=jwalden, sr=darin 2006-05-02 19:33:09 +00:00
bzbarsky%mit.edu
722b5218b2 Add an interface for nested URIs (like jar:, view-source:, etc) to implement 
and use it in various places.  Create null principals if asked for a codebase
principal for a codebase that doesn't have an inherent security context (eg
data: or javascript:).  Bug 334407, r=biesi,dveditz, sr=darin
 2006-05-02 18:54:19 +00:00
bzbarsky%mit.edu
000f1cb779 Deal with checkLoadURI better in the face of URI fixup. Bug 334341, r=biesi, sr=dveditz 2006-04-25 03:24:43 +00:00
bzbarsky%mit.edu
dffe9c89ad Check rv before looking at port. Bug 334210, r+sr+branch181=jst 2006-04-17 23:19:44 +00:00
bzbarsky%mit.edu
f15a96ed13 Allow redirects to data: URIs. Bug 211999, r=dveditz, jruderman; sr=darin 2006-04-17 23:13:33 +00:00
bzbarsky%mit.edu
af73fbf542 Fix refcounting bug. Followup to bug 327176; reviews pending. 2006-04-05 16:48:51 +00:00
bzbarsky%mit.edu
40f15bd48c Init the system principal singleton when we init the security manager -- no 
need for lazy init here.  Bug 327176, r=mrbkap, sr=dveditz
 2006-04-02 21:10:23 +00:00
bzbarsky%mit.edu
25ab5fffef Create a powerless non-principal and start using it. Bug 326506, r=mrbkap, 
sr=dveditz
 2006-04-02 20:58:26 +00:00
darin%meer.net
20837f71e1 fixes bug 328925 "Replace NS_WARN_IF_FALSE with NS_ASSERTION (where appropriate)" r=dbaron 2006-03-30 18:40:56 +00:00
martijn.martijn%gmail.com
9f0ff7ef3c Bug 330037 - First check if script/data url's are allowed, r=dveditz, sr=bzbarsky 2006-03-15 11:03:25 +00:00
bryner%brianryner.com
4cd1e2b280 Remove dependency on nsIClassInfo.h from nsISupports.h (bug 330420). This adds a new nsIClassInfoImpl.h file which can be included to get the CI implementation macros. Also, removes unneeded inclusion of nsIProgrammingLanguage.h from nsIClassInfo.h. r=darin. 2006-03-15 04:59:42 +00:00
bzbarsky%mit.edu
7e4ec9da94 Followup fix for bug 307867 -- make sure to update our pointers to hashtable 
entries when the entries move. r=dveditz, sr=brendan
 2006-02-24 04:38:46 +00:00
timeless%mozdev.org
1ce5986f6b Bug 106386 Correct misspellings in source code 
r=bernd rs=brendan
 2006-02-23 09:36:43 +00:00
bzbarsky%mit.edu
f8625ded52 Remove dead code. Bug 327171, r=mrbkap, sr=shaver 2006-02-14 21:08:15 +00:00
bzbarsky%mit.edu
36b98a62ac Fix debug code to assert the right thing. r=timeless 2006-02-14 20:20:49 +00:00
bzbarsky%mit.edu
3b307aca09 Fix bug 325991 -- spinning event queues requires more care. r=jst, sr=shaver 2006-02-07 22:24:47 +00:00
cbiesinger%web.de
c2d981f764 bug 183156 remove *UCS2* functions, replacing them with *UTF16* ones 
r+sr=darin
 2006-02-03 14:18:39 +00:00
jst%mozilla.jstenback.com
ded8422135 Fixing tinderbox orange. Make caps work right again when dealing with a script global object that's not a window. r+sr=bzbarsky@mit.edu 2005-11-29 06:00:36 +00:00
jst%mozilla.jstenback.com
8f1863159b Fixing bug 316794. Moving HandleDOMEvent() and Get/SetDocShell from nsIScriptGlobalObject to nsPIDOMWindow. r=mrbkap@gmail.com, sr=peterv@propagandism.org 2005-11-28 23:56:44 +00:00
brettw%gmail.com
9b7c8dae03 Bug 316077, r=annie.sullivan, sr=darin 
Protocol handler allowing access to binary annotations.
 2005-11-17 18:39:00 +00:00
bzbarsky%mit.edu
f02076fb6f Get principals for XPConnect wrapped natives off their scope instead of walking 
their parent chain.  Add some asserts to check that this actually does give the
same result, which it should with splitwindow.  Bug 289655, r=dbradley, sr=jst
 2005-11-16 02:12:21 +00:00
cbiesinger%web.de
9efd50d7d5 Bug 248052 Add a contract ID for a global channeleventsink. Make the 
scriptsecuritymanager register for that and implement nsIChannelEventSink. Veto
redirects if CheckLoadURI fails. Remove the explicit usage of
nsIScriptSecurityManager from nsHttpChannel.cpp.

This eliminates js and xpconnect from REQUIRES, and brings us closer to remove
caps.

r=darin sr=bz
 2005-11-08 20:47:16 +00:00
bzbarsky%mit.edu
d44ad313ae Remove nsIStyledContent. Bug 313968, r=sicking, r=dbaron on nsCSSStyleSheet 
changes, sr=jst
 2005-11-02 00:41:51 +00:00
jst%mozilla.jstenback.com
44614095f4 Fixing bug 313373. Pass *vp through untouched to the checkAccess hook when checking for write access. r=mrbkap@gmail.com, sr=brendan@mozilla.org 2005-10-25 00:29:28 +00:00
bzbarsky%mit.edu
b29c3a80b9 Don't call nsIClassInfo::GetClassDescription unless we really have to. Bug 
313157, r=dveditz, sr=jst
 2005-10-20 23:49:59 +00:00