Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-04 16:15:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
349,241 Commits 615 Branches 98 Tags 6 GiB
abbe4b9194
Commit Graph

227 Commits

Author SHA1 Message Date
Sid Stamm
cf8d576337 bug 768029 - Apply CSP Policy to trusted and certified apps. r=sicking. Parts by sicking, r=mounir. 2012-08-02 12:13:53 -07:00
Tim Taubert
2bf799ddff Bug 790911 - part 1 - add a flag to suppress error reporting when using checkLoadURIWithPrincipal(); r=bz 2012-09-13 16:16:17 +02:00
Ehsan Akhgari
e368dc9c85 Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg 
This patch was generated by a script.  Here's the source of the script for
future reference:

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name nsXPCOMCID.h \
       ! -name prtypes.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert PRInt8 int8_t
convert PRUint8 uint8_t
convert PRInt16 int16_t
convert PRUint16 uint16_t
convert PRInt32 int32_t
convert PRUint32 uint32_t
convert PRInt64 int64_t
convert PRUint64 uint64_t

convert PRIntn int
convert PRUintn unsigned

convert PRSize size_t

convert PROffset32 int32_t
convert PROffset64 int64_t

convert PRPtrdiff ptrdiff_t

convert PRFloat64 double
 2012-08-22 11:56:38 -04:00
Ian Melven
01a802da01 Bug 341604 - modify CheckMayLoad to allow sandboxed workers to load blob and data URIs r=jst 2012-08-20 11:34:33 -07:00
Justin Lebar
f813f6360a Bug 777135 - Part 1: Add nice C++ version of nsIPrincipal::GetAppStatus. r=mounir 
--HG--
extra : rebase_source : 6150a2b708faa41f1f6c7723260fc52444b7ea8d
 2012-08-13 12:58:38 -04:00
Fabrice Desré
894868aa63 Bug 781224 - Rename APP_STATUS_TRUSTED to APP_STATUS_PRIVILEGED in nsIPrincipal [r=mounir] 2012-08-08 10:21:54 -07:00
Justin Lebar
53e0011130 No bug - Fix error in nsIPrincipal comment (it's nsIScriptSecurityManager::NO_APP_ID, not nsIAppsService::NO_APP_ID). r=me DONTBUILD 2012-08-06 00:31:22 -04:00
Mike Hommey
70d7c821af Bug 774032 bonus - Use @DEPTH@ and @relativesrcdir@ in Makefile.in. r=ted 2012-08-04 20:26:44 +02:00
Mounir Lamouri
69647e26b0 Bug 776824 - Add isInBrowserElement to nsIPrincipal. r=mrbkap sr=sicking 2012-07-31 17:47:20 +02:00
Jonas Sicking
23c9838514 Bug 774585: Rename getCodebasePrincipal to getSimpleCodebasePrincipal since the behavior has semantically changed. r=mounir 2012-07-21 00:29:40 -07:00
Jonas Sicking
c10568d0b9 Bug 774585 - Add GetDocShellCodebasePrincipal to nsIScriptSecurityManager. r=mounir 2012-07-20 00:06:24 -07:00
Mounir Lamouri
1887aa86ce Bug 758258 - part 5 - Add GetAppCodebasePrincipal and GetNoAppCodebasePrincipal to nsIScriptSecurityManager. r=mrbkap sr=sicking 2012-07-19 20:28:08 -07:00
Mounir Lamouri
99b949ad17 Bug 758258 - part 3 - Add extendedOrigin, appStatus and appId to nsIPrincipal. r=bholley sr=sicking 2012-07-19 22:44:03 -07:00
Mounir Lamouri
84f86ababe Bug 758258 - Part 2 - Add GetExtendedOrigin(), NO_APP_ID and UNKNOWN_APP_ID. r=sicking 2012-07-18 21:25:19 -07:00
Steve Fink
dfcda357cb Backed out changeset afc1cf222996 2012-07-19 15:22:32 -07:00
Mounir Lamouri
82bd7de2c9 Bug 758258 - Part 2 - Add GetExtendedOrigin(), NO_APP_ID and UNKNOWN_APP_ID. r=sicking 2012-07-18 21:25:19 -07:00
Mounir Lamouri
61d9d40b3d Bug 327244 (2/2) - Remove nsIScriptSecurityManager::CheckLoadURI(). r=sicking,jlebar 2012-07-18 15:27:02 -07:00
Mounir Lamouri
adfa6702cc Bug 327244 (1/2) - Remove nsIScriptSecurityManager::CheckLoadURIStr(). r=sicking 2012-07-19 10:49:17 -07:00
Ed Morley
c2d155cb67 Backout ea6db8f420c0 (bug 770831), b51c79ee0883 (bug 774957), 020f6ed5958b (bug 758258), 11d8e19e1fca (bug 758258), 707fc51bfe2e (bug 775354), 489d944a6fe6 (bug 327244), be7df3c9d50f (bug 327244) for m-oth orange 2012-07-19 08:29:48 +01:00
Mounir Lamouri
49af88332c Bug 758258 - Part 2 - Add GetExtendedOrigin(), NO_APP_ID and UNKNOWN_APP_ID. r=sicking 2012-07-18 21:25:19 -07:00
Mounir Lamouri
f293eab524 Bug 327244 (2/2) - Remove nsIScriptSecurityManager::CheckLoadURI(). r=sicking,jlebar 2012-07-18 15:27:02 -07:00
Mounir Lamouri
432f61b8f5 Bug 327244 (1/2) - Remove nsIScriptSecurityManager::CheckLoadURIStr(). r=sicking 2012-07-18 13:35:15 -07:00
Bobby Holley
83245872f0 Bug 754202 - Remove context pushing/popping API. r=mrbkap Each one of these uses grabs the principal off of an object for pushing, but also enters the compartment of that object. So we shouldn't need this anymore. 
Can I get a 'hell yeah'?
 2012-06-28 23:47:55 +02:00
L. David Baron
ca009b979f Backout bug 754202 (all patches, rather than just patches 3-7). 2012-06-10 17:22:31 -07:00
Ryan VanderMeulen
0ec5784959 Backout 90107a2a0c64 (bug 754202) for real due to orange. 2012-06-10 19:46:20 -04:00
Ryan VanderMeulen
5f2a19ee6e Revert c39d36167b99 due to a horribly munged backout. 2012-06-10 19:44:50 -04:00
Ryan VanderMeulen
6d6c4efbab Backout the bug 754202 backout due to orange. 2012-06-10 19:37:47 -04:00
Bobby Holley
75ea89c874 Merge backout. 2012-06-11 00:28:30 +02:00
Bobby Holley
b65e3d0fc1 Back out bug 754202. r=me 2012-06-11 00:28:05 +02:00
Gabor Krizsanits
a4d0a2ae65 Bug 734891 - part 2: Adding ExpandedPrincipal support 2012-06-09 15:19:26 -07:00
Bobby Holley
3065c84571 Bug 754202 - Remove context pushing/popping API. r=mrbkap 
Each one of these uses grabs the principal off of an object for pushing, but also enters the compartment of that object. So we shouldn't need this anymore.

Can I get a 'hell yeah'?
 2012-06-07 14:28:21 +02:00
Gervase Markham
82ff7027aa Bug 716478 - update licence to MPL 2. 2012-05-21 12:12:37 +01:00
Bobby Holley
710c5cfdb0 Bug 750859 - Remove {Disable,Revert}Capability. r=bz, PGO helper on CLOSED TREE 2012-05-02 23:57:43 +02:00
Bobby Holley
e6e34db54d Bug 750859 - Remove (most of) SetCanEnableCapability. r=bz 2012-05-02 23:57:34 +02:00
Igor Bukanov
524dbd7e47 bug 728250 - remove JSPrincipals::codebase. r=:luke,:bz 
In just 2 cases where JSPrincipals::codebase is used it can be reconstructed from the values stored in the associated nsJSPrincipal. In addition the patch makes nsJSprincipals to inherit both from nsIPrincipal and JSPrincipals allowing to use static_cast to convert between nsIPrincipal and JSPrincipals pointers and to drop many cases of manual JSPrincipal reference counting.
 2012-03-09 10:48:50 +01:00
Honza Bambas
199e57e8b9 Bug 495337 - Make sessionStorage use principals instead of string domains, r=bz+bclary 2012-02-23 18:41:25 +01:00
Blake Kaplan
e73d3d7ecd Fix bug 657267. r=bz 2011-05-19 13:31:54 +02:00
timeless@mozdev.org
eb6bf14c5f Bug 584977 mark deprecated caps interfaces and methods with [deprecated] 
r=dveditz
 2011-03-27 23:59:17 -04:00
Asaf Romano
a3601eb64c Bug 619800 - Enable scriptability for nsIPrincipal methods. r+sr+a=bz. 2010-12-22 15:58:22 +02:00
Boris Zbarsky
7e4b4c8184 Bug 593026. Make it possible to get the system principal from script. r=jst a=jst 2010-09-07 15:10:41 -04:00
Luke Wagner
7371ad00ed Bug 549143 - fatvals 2010-07-14 23:19:36 -07:00
Robert Sayre
5da1b58f01 Merge mozilla-central to tracemonkey 2010-05-17 13:55:37 -04:00
Jason Orendorff
1e779602f9 Bug 560643 - Add a special jsval type to XPIDL. Part 1, rename JSVal -> jsval in existing IDL. r+sr=jst. 
--HG--
extra : rebase_source : 3d50f7468277883a26790df13a639ce37757a257
 2010-05-12 08:18:51 -05:00
Michael Kohler
6c0f59f4a6 Bug 506041 Part 2: Correct misspellings in source code 
r=timeless
 2010-05-13 14:19:50 +02:00
Jonas Sicking
893023f46a Bug 543696: Remove unused nsIScriptSecurityManager::CheckConnect. r/sr=mrbkap 2010-02-02 02:29:15 -08:00
Sid Stamm
7252ce7760 Bug 515437 CSP connection code, r=jst,dveditz sr=jst 2010-01-22 13:38:21 -08:00
Daniel Veditz
153553d9b6 Backed out changeset a6ce37b09cf5 because of possible Tp4 perf hit 2010-01-14 17:19:11 -08:00
Sid Stamm ext:(%2C%20Brandon%20Sterne%20%3Cbsterne%40mozilla.com%3E)
f2cab6a506 bug 515433, bug 515437: Content Security Policy (CSP) core 2010-01-13 14:18:24 -08:00
Blake Kaplan
7050590b13 Bug 504021 - Add an API to the script security manager to clamp principals for a given context. r=jst/bzbarsky sr=dveditz 2009-08-21 18:20:20 -07:00
Johnny Stenback
ac0964e5c0 Fixing bug 442399. Remove LiveConnect from the tree. r=joshmoz@gmail.com, bclary@bclary.com, sr=brendan@mozilla.org 2009-06-30 15:55:16 -07:00
Blake Kaplan
d897bc426d Bug 396851 - Check to see if we're UniversalXPConnect-enabled to allow privileged web pages to unwrap XOWs. r+sr=bzbarsky 2008-10-22 13:15:22 -07:00
jonas@sicking.cc
ab63fc8524 Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it 2008-04-18 10:35:55 -07:00
jonas@sicking.cc
ec7a19c8b9 Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz 2008-04-08 17:38:12 -07:00
jonas@sicking.cc
9552bd91fc Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz 2008-03-18 17:27:56 -07:00
bzbarsky@mit.edu
94a044f0b1 Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst 2008-03-18 14:14:49 -07:00
reed@reedloden.com
57ac4a582f Bug 420081 - "Case mismatch between nsIURI and nsIUri in nsIPrincipal.idl" [p=mschroeder@mozilla.x-home.org (Martin Schröder [mschroeder]) r+sr=jst a1.9=beltzner] 2008-03-08 03:20:21 -08:00
jonas@sicking.cc
28ea51311b Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv 2008-02-26 19:45:29 -08:00
myk@mozilla.org
7aff03fc46 backing out fix for bug 416534 as potential cause of mochitest failure 2008-02-26 19:23:36 -08:00
jonas@sicking.cc
42bbc8327e Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv 2008-02-26 18:17:49 -08:00
jst@mozilla.org
f0f4a78cce Fixing bug 410851. Expose a faster way of getting the subject principal, and use that from performance critical code. r+sr=mrbkap@gmail.com 2008-01-04 15:59:12 -08:00
jonas@sicking.cc
4c1a3910ac bug 394390: Don't report bogus warnings to the error console when using cross-site xmlhttprequest. Patch by Surya Ismail <suryaismail@gmail.com>, r/sr=sicking 2007-10-26 18:46:09 -07:00
bzbarsky@mit.edu
647cbff151 Make security manager API more useful from script. Make more things 
scriptable, and add a scriptable method for testing whether a given principal
is the system principal.  Bug 383783, r=dveditz, sr=jst
 2007-06-18 08:12:09 -07:00
hg@mozilla.com
05e5d33a57 Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT, 2007-03-22 10:30:00 -07:00
bzbarsky%mit.edu
d9f9d475bb When getting codebase principals, install the passed-in codebase on them even 
if they come from the hashtable.  Bug 269270, r=dveditz, sr=jst.
 2007-02-09 04:52:44 +00:00
bzbarsky%mit.edu
8a1b6c5e34 Make the redirect check get principals the same way we get them elsewhere. 
Clean up some code to use the new security manager method.  Bug 354693,
r=dveditz, sr=sicking
 2006-11-22 18:27:54 +00:00
bzbarsky%mit.edu
730516b0a1 Remove securityCompareURIs() from nsIScriptSecurityManager. Bug 327243, r+sr=jst 2006-11-14 22:46:45 +00:00
bzbarsky%mit.edu
0a3a624149 Make it possible for protocol handlers to configure how CheckLoadURI should 
treat them via their protocol flags.  Remove the protocol list we used before.
Bug 120373, r=dveditz, sr=darin
 2006-11-10 23:49:08 +00:00
cbiesinger%web.de
74a2a1d30c Bug 351876 Move nsICryptoHash into necko 
r=darin
 2006-09-15 22:06:31 +00:00
bzbarsky%mit.edu
50e969de0c Introduce CheckLoadURIStrWithPrincipal(). Bug 348559, r=dveditz, sr=jst 2006-08-21 22:15:20 +00:00
bzbarsky%mit.edu
c44462a922 Followup to bug 326506 -- this comment got lost somehow. 2006-04-02 22:00:08 +00:00
bzbarsky%mit.edu
52c46b8f53 Make nsIPrincipal and some methods that use it scriptable. Bug 327242, r=jst, 
sr=dveditz
 2006-02-17 16:12:17 +00:00
bzbarsky%mit.edu
18fc300f0b Backing out since tree is closed. 2006-02-17 03:33:03 +00:00
bzbarsky%mit.edu
97bb5a58a9 Make nsIPrincipal and some methods that use it scriptable. Bug 327242, r=jst, 
sr=dveditz
 2006-02-17 03:26:03 +00:00
dougt%meer.net
7c0ee6b9d3 Bug 302284. add xpi hash support to InstallTrigger.install(). r=dveditz, sr=shaver, a=asa 2005-08-26 06:46:21 +00:00
timeless%mozdev.org
9560fb68fc Bug 304240 Make noAccess/allAccess/sameOrigin consistently intercaps in the source tree 
r=caillon sr=dveditz
 2005-08-12 23:11:32 +00:00
bzbarsky%mit.edu
10d1c576d9 Expose the subject name for the cert and an nsISupports pointer to the cert on 
nsIPrincipal that represents a certificate principal.  Change preference
storage to ensure matches in not only the fingerprint but also the subjectName
before applying privileges from preferences to a certificate principal.  Remove
possibility for creating certificate principals without a useful identifying
name and make sure that names don't get munged by being forced to ASCII.  Bug
240661, r=caillon, sr=dveditz, a=bsmedberg
 2005-07-22 19:05:42 +00:00
brendan%mozilla.org
deb9f0c764 Add a subsumes relation to principals so JS can handle all cases when checking indirect eval (and the like) calls (300008, r=caillon/dveditz, sr/a=shaver). 2005-07-08 23:26:36 +00:00
dougt%meer.net
4c7f9052d3 Add a scriptable hash function API. basically what this does is moves the hashing function out of the nsISignatureVerifier.idl and creates a new interface nsICryptoHash which is scriptable. Because of this change, we needed to fix up all of the call sites. r=darin, sr=dveditz, a=shaver 2005-06-01 16:06:53 +00:00
dbaron%dbaron.org
8ca0c03467 Cleaner fix for bug 290036. b=290949 r=dveditz sr=darin a=asa 2005-05-12 18:20:07 +00:00
jshin%mailaps.org
d30a1bda05 bug 280613 : checkLoadURIStr of nsIScriptSecurityManager should accept AUTF8String istead of string (for IDN), r=dveditz, sr=darin 2005-02-02 07:17:53 +00:00
bzbarsky%mit.edu
4ede76717e Add a version of CheckLoadURI that takes a source principal instead of a source 
URI.  Update a bunch of callers to use it.  Bug 233108, r=caillon, sr=dveditz
 2004-04-25 16:55:27 +00:00
gerv%gerv.net
9d2ee4928c Bug 236613: change to MPL/LGPL/GPL tri-license. 2004-04-17 21:52:36 +00:00
neil%parkwaycc.co.uk
6394a7f9f8 Bug 227758 make subjectPrincipalIsSystem unscriptable and checkSameOriginURI scriptable r=caillon sr=dveditz 2003-12-19 21:51:37 +00:00
brendan%mozilla.org
7809adca33 Fix missing cx param problem (223041, r=caillon, sr=dbaron). 2003-11-03 04:26:55 +00:00
caillon%returnzero.com
66caced69a Re-land patch for bug 83536, merging principal objects. 
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
 2003-10-21 22:11:49 +00:00
brendan%mozilla.org
4038563cd9 Expose nsIScriptSecurityManager::SecurityCompareURIs for use by nsGlobalWindow::SetNewDocument, to avoid spurious window.open same-origin violation errors (220421, r=caillon, sr=bzbarsky). 2003-09-28 04:22:01 +00:00
caillon%returnzero.com
f8e8aed8a7 Backing out the patch to bug 83536. 
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
 2003-08-22 03:06:53 +00:00
caillon%returnzero.com
91b7c60bee Bug 83536. 
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
 2003-07-24 05:15:20 +00:00
mstoltz%netscape.com
ddc015e3b7 Bug 194872 - Cache zone-policy data on the subject principal instead of the callee. r=nisheeth, sr=jst. 2003-06-26 00:18:43 +00:00
harishd%netscape.com
85570db892 Grant access to SOAP response document's properties and also allow the document to be serializable. b=193953, r=heikki@netscape.com, sr=jst@netscape.com 2003-06-12 20:18:34 +00:00
seawood%netscape.com
97649bab86 Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev 2003-06-10 21:18:27 +00:00
dougt%meer.net
a069087dd4 Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 2003-05-29 21:56:38 +00:00
dougt%meer.net
e3a6a4edfc Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201 2003-05-29 21:51:34 +00:00
caillon%returnzero.com
6d92f9bd32 184257 - Updating pref callers. r=timeless sr=bzbarsky 2003-01-08 08:40:41 +00:00
seawood%netscape.com
d5efcdfb6d Start installing GRE libraries & components into a separate dist/gre directory as part of the default build. 
Bug #186241 r=dougt
 2002-12-28 01:15:07 +00:00
mstoltz%netscape.com
d0f045a722 Bug 168316 - When calling from Java into JS, add a "dummy" JS stack frame with 
principal information for the security manager. r=dveditz, sr=jst, a=chofmann.
 2002-10-30 03:15:59 +00:00
seawood%netscape.com
322da773fb Removing old nmake build makefiles. Bug #158528 r=pavlov 2002-08-10 07:55:43 +00:00
sicking%bigfoot.com
39c966dd38 Use principals instead of URIs for same-origin checks. 
b=159348, r=bz, sr=jst, a=asa
 2002-07-30 21:26:32 +00:00
mstoltz%netscape.com
d0eab90dbb Bug 154930 - If one page has explicitly set document.domain and another has not, 
do not consider them to be of the same origin for security checks. r=dveditz, sr=jst
 2002-07-09 00:10:02 +00:00
mstoltz%netscape.com
6e12a5ca9f Bug 152725 - Get URL passed to cookie module from document principal, not document URL. 
THis ensures that cookies set by javascript URL pages are set in the correct domain.
r=morse, sr=dveditz.
 2002-07-02 17:58:24 +00:00