Commit Graph

322 Commits

Author SHA1 Message Date
Bobby Holley
5a745a89c5 Bug 794943 - Remove CheckXPCPermissions. r=mrbkap 2014-01-16 15:45:40 -08:00
Bobby Holley
1d3b133066 Bug 794943 - Remove checks for nsISecurityCheckedComponent in caps. r=mrbkap 2014-01-16 15:45:40 -08:00
Luke Wagner
2e804616e4 Bug 924905 - Do a subsumes check inside the stack iterator. r=jandem
--HG--
extra : rebase_source : ff8407c4f79fd3e2264470379470c526a751e45f
2014-01-03 10:32:56 -06:00
Bobby Holley
ea86682111 Bug 913734 - Remove namespace mozilla::hotness. r=mrbkap 2013-12-13 19:15:44 -08:00
Bobby Holley
041e66aa0e Bug 913734 - Remove now-unused policy machinery. r=mrbkap 2013-12-13 19:15:43 -08:00
Bobby Holley
bdd70cb368 Bug 913734 - Stop storing security policies on XPCWrappedNativeProtos. r=mrbkap
This is just a cache, so we can safely remove it without impacting correctness.
The rest of this mechanism goes away in subsequent patches.
2013-12-13 19:15:43 -08:00
Deian Stefan
3f9a418ee1 Bug 886164 - Enforce CSP in sandboxed iframe, r=grobinson 2013-11-22 15:12:00 -08:00
Mike Hommey
e80e877ab7 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Bobby Holley
93808be553 Bug 840488 - New domain policy API. r=bz
Note that this patch changes the semantics of javascript.enabled so that changes
to the pref do not apply to compartments that have already been created. This is
a significant change, but is necessary to support the new domain policy API.
After one cycle or so, we'll rip out the old API.
2013-11-12 16:43:35 -08:00
Bobby Holley
95ac2b3227 Bug 840488 - Compute immunity from caps checks exactly once, and kill nsScriptSecurityManager::CanExecuteScripts. r=bz 2013-11-12 16:43:35 -08:00
Bobby Holley
63af01c6e2 Bug 840488 - Get rid of aAllowIfNoScriptContext. r=bz
The old code seemed to feel that the lack of a script context was some sort of
showdown that required either unconditional allow or deny. Instead, let's just
make the scriptcontext-relevant checks conditional on there being a script
context, which lets us switch CheckFunctionAccess over to ScriptAllowed.
2013-11-12 16:43:32 -08:00
Ryan VanderMeulen
b7e0804666 Backout bug 886164 for B2G regressions. 2013-09-23 21:26:05 -04:00
Deian Stefan
c36df6710c Bug 886164 - Enforce CSP in sandboxed iframe. r=grobinson 2013-06-23 14:31:52 -07:00
Bobby Holley
c4c9f9e982 Bug 917009 - Remove old-style object principal calculation. r=bz 2013-09-17 15:29:11 -07:00
Terrence Cole
d4b22fae39 Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley
--HG--
extra : rebase_source : 27bf6ef6bce3bed136921df15ea00ae86bd73f89
2013-08-23 08:51:40 -07:00
Jan Varga
e9492bcd36 Bug 785884 - Implement support for temporary storage (aka shared pool). r=ehsan, r=bent
--HG--
rename : caps/tests/mochitest/test_principal_extendedorigin_appid_appstatus.html => caps/tests/mochitest/test_principal_jarprefix_origin_appid_appstatus.html
rename : dom/quota/UsageRunnable.h => dom/quota/UsageInfo.h
2013-09-11 06:18:36 +02:00
Bobby Holley
30d81ff017 Bug 905364 - Stop using the SafeJSContext in nsScriptSecurityManager::Init. r=mrbkap
With this patch, I've confirmed that we instantiate the SafeJSContext much later
in startup, during nsAppStartupNotifier::Observe (which ends up invoking an
XPCWrappedJS). As such, this should solve a number of our startup ordering woes.
2013-09-06 11:35:12 -07:00
Nicholas Nethercote
01c70c8c97 Bug 911020 - Introduce js/TypeDecls.h, which holds very commonly used type declarations from the JS engine. r=luke.
--HG--
extra : rebase_source : 008ef689989f93b46627b8be8608bdbc544ca3a2
2013-08-27 19:59:14 -07:00
Nicholas Nethercote
2585de9a07 Bug 905017 (part 1) - Minimize inclusions of JS engine headers in .h and .idl files. r=billm.
--HG--
extra : rebase_source : 984c61ab12f46be0509b1ce0d458d9a6e5841c64
2013-08-17 15:50:18 -07:00
Phil Ringnalda
72c8f5969c Back out c39d60483813 (bug 905364) for xpcshell and b2g desktop bustage 2013-08-16 22:38:48 -07:00
Bobby Holley
363bb61e01 Bug 905364 - Stop using the SafeJSContext in nsScriptSecurityManager::Init. r=mrbkap
With this patch, I've confirmed that we instantiate the SafeJSContext much later
in startup, during nsAppStartupNotifier::Observe (which ends up invoking an
XPCWrappedJS). As such, this should solve a number of our startup ordering woes.
2013-08-16 20:28:17 -07:00
Nicholas Nethercote
d8f824e34e Bug 898914 (part 1) - Remove JSBool.
--HG--
extra : rebase_source : 2d202e0e5005a7f54724b1540481c15cde3ad52e
2013-08-08 15:53:04 -07:00
Ehsan Akhgari
ef4b479714 Bug 872127 - Part 2: Replace mozilla/StandardInteger.h with stdint.h; r=Waldo,ted 2013-07-30 10:25:31 -04:00
Bobby Holley
d5d84f0dff Bug 885668 - Removed specialized function object principal machinery from CAPS. r=bz 2013-07-15 11:22:10 -07:00
Jon Coppeard
ef8bb39711 Bug 885310 - 1 Rename JSHandleFoo in the browser r=bz 2013-06-21 14:12:46 +01:00
Bobby Holley
fe6dc08fc3 Bug 884362 - Use AutoJSContext in nsScriptSecurityManager::LoadPolicy. r=bz
This cx is just used for rooting etc. As such, we really just want whatever
cx is on the stack, but want a default if the stack-top cx is null (which it
sometimes is, here). And that's exactly what AutoJSContext gives us.
2013-06-20 11:05:32 -07:00
Jon Coppeard
b4a1d2128a Bug 884371 - Remove JSMutableHandleXXX from the browser r=bz 2013-06-19 11:32:27 +01:00
Trevor Saunders
7a603ed62c bug 873622 - remove nsScriptSecurityManager::sXPConnect r=bholley 2013-05-29 19:49:11 -04:00
Boris Zbarsky
e46734cb01 Bug 873735 part 1. Fix the more or less mechanical browser rooting hazards. r=terrence 2013-05-20 08:40:06 -04:00
Gregory Szorc
1b12175ba0 Bug 873629 - Remove 129 empty Makefile.in files; r=ted 2013-05-17 16:20:11 -07:00
Ehsan Akhgari
38dd0461b4 Bug 871262 - Fix rooting hazards in the CAPS code; r=till 2013-05-12 15:52:21 -04:00
David Zbarsky
05132788d9 Bug 867459 - Fix caps rooting hazards r=terrence 2013-05-02 22:02:40 -04:00
Bobby Holley
dde0ee15d3 Bug 865729 - Use sXPConnect directly in caps. r=gabor
It's tempting to go through nsContentUtils here, but I'm pretty sure caps is
initialized before nsContentUtils.
2013-04-29 11:16:21 -07:00
Mike Shal
df7deac25b Bug 846634 - Part 2: Move EXPORTS to moz.build; r=joey 2013-04-16 15:24:43 -04:00
matekm
b79eaf364c Bug 784739 - Switch from NULL to nullptr in caps/; r=ehsan 2013-04-02 20:16:25 -04:00
Kyle Machulis
72a717a860 Bug 855465 - Add emacs python mode comments to moz.build files; r=gps 2013-04-01 11:36:59 -07:00
Kyle Machulis
43628a7867 Backout for changeset 03452b187c14 (Bug 855465) due to bustage on a CLOSED TREE; r=qdot 2013-03-29 15:12:58 -07:00
Kyle Machulis
334c0800cf Bug 855465 - Add emacs python mode comments to moz.build files; r=gps
--HG--
extra : rebase_source : 004a756492323e1a049586e85b3be5037159df20
2013-03-29 13:56:18 -07:00
Mike Shal
7ecea60097 Bug 844654 - Part 2: Move MODULE to moz.build; rs=gps 2013-03-19 11:47:00 -07:00
Trevor Saunders
9c54e14d23 bug 852379 - remove unecessary nsHashtable.h includes r=Ms2ger 2013-03-18 21:18:26 -04:00
Daniel Holbert
aa087f4637 Bug 849086: Remove unused *_CLASSNAME defines. r=bsmedberg 2013-03-15 10:52:10 -07:00
Gregory Szorc
8c137ecae2 Bug 784841 - Bug 18f: Convert /caps; f=Ms2ger rs=ted 2013-02-25 12:47:18 -08:00
Jan de Mooij
d584c95452 Bug 833817 part 2 - Remove unused frame argument from GetFunctionObjectPrincipal. r=bholley
--HG--
extra : rebase_source : 1a7e2428c64d806960fa749095b7d0b9ec439c01
2013-01-24 20:39:27 +01:00
Ian Melven
37b948817c Bug 752529 - workers shouldn't use string origins as null principals don't have them. Part 2 - nsPrincipal GetBaseDomain (r=bz) 2013-01-08 13:53:32 -08:00
Nicholas Nethercote
4030d50d1b Bug 826154 - Remove unused field nsScriptSecurityManager::mIsWritingPrefs. r=bz.
--HG--
extra : rebase_source : f7235787393fd6b4212aff0bb13e507bb0fd6d94
2013-01-02 21:47:50 -08:00
Ehsan Akhgari
7deead5906 Merge mozilla-central into mozilla-inbound 2012-12-06 23:13:32 -05:00
Bobby Holley
1022b1f72e Bug 807102 - Rev the CID on nsPrincipal. r=bz 2012-12-06 14:51:37 -08:00
Boris Zbarsky
f12bcf04dd Bug 817284. When none of our code is associated with a window in an obvious way, assume that scripts should be allowed to execute for a WebIDL callback. r=bholley 2012-12-06 15:21:18 -05:00
Bobby Holley
b5471e12e1 Bug 797206 - Remove GetPrincipalAndFrame. r=bz 2012-10-29 15:55:35 +01:00
Mounir Lamouri
6ec6990ee3 Bug 777467 - Update the same-origin policy for principals to include appid/isinbrowserelement. r=bholley 2012-10-24 18:50:25 +01:00