norris%netscape.com
24778bda71
Modify generated dom code to use a enum rather than a string for codesize
...
and efficiency.
Tighten checks on document properties and node properties. Should resolve
several bugs:
18965 document.firstChild vulnerability
19043 document.childNodes vulnerability
19044 document.lastChild vulnerability
r=mstoltz
1999-11-20 07:28:34 +00:00
norris%netscape.com
5b4b0169aa
* Fix 12124 [DOGFOOD] Reading user's preferences
...
* Implement site-specific security policies (bug 858)
r=mstoltz
* Use Recycle rather than delete[] to clean up Purify logs
r=law
1999-11-16 05:07:31 +00:00
norris%netscape.com
7cd400a26f
* Fix the following bugs by tightening the default security policy.
...
17977 [DOGFOOD] Reading documents using document.body
17538 document.lastModified is exposed
17537 document.images vulnerabilities
16036 [DOGFOOD] document.Element exposes the DOM of documents from
15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen
15550 Injecting text in documents from any domain using createText
15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary
* Create an array of dom property policy types and initialize it when the script security manager is created.
* Move some implementation code to a new shared implementation base class.
* Implement privilege enabling, disabling and reverting
* Implement stack walking for checking privileges.
r=mstoltz@netscape.com
* Modify nsIPref to support security policy work.
r=neeti@netscape.com
1999-11-11 22:10:36 +00:00
dmose%mozilla.org
142ac52eaf
updated xPL license boilerplate to v1.1, a=chofmann@netscape.com,r=endico@mozilla.org
1999-11-06 03:43:54 +00:00
norris%netscape.com
e5c170a049
work on bug 7270.
...
r=mstoltz.
Implement netscape.security.PrivilegeManager callbacks.
1999-10-28 22:09:03 +00:00
norris%netscape.com
c99b609910
Add ability to disable JS. Fix 13978 shopping at webvan.com crashes
1999-09-17 20:13:52 +00:00
norris%netscape.com
2b35be101c
Remove nsPrincipalManager.h
1999-09-15 21:30:10 +00:00
norris%netscape.com
9acf604770
Add security support for javascript: uris.
1999-09-15 20:58:41 +00:00
norris%netscape.com
0865f1cdaa
Create preferences for security checks.
...
Add new methods on nsIScriptSecurityManager for capabilities.
Fix 13739 MLK: nsScriptSecurityManager::CreateCodebasePrincipal
Fix 11666 Eliminate plvector (was: [infinite loop] bugs - plvector.c)
1999-09-15 04:05:43 +00:00
norris%netscape.com
6ce2283719
Remove unused files.
1999-09-13 20:10:24 +00:00
norris%netscape.com
2d8e12375f
* Add checks on urls formed from web scripts
...
* Make nsScriptSecurityManager implement nsXPCSecurityManager
* Fix unix warnings
1999-09-07 02:54:19 +00:00
briano%netscape.com
51d59f6f69
Cleaned it up and eliminated the pointless #!gmake.
1999-09-01 23:27:16 +00:00
norris%netscape.com
ec9d253f50
Add all-powerful system principals. Remove some dead code from the build.
1999-09-01 00:54:35 +00:00
cyeh%netscape.com
9577b5cefa
Remove IGNORE_MANIFEST=1. It doesn't do anything and it confuses people.
1999-09-01 00:54:34 +00:00
norris%netscape.com
d8507f844e
* clean up nsScriptSecurityManager
...
* remove nsJSSecurityManager
* save principals in nsIChannels and nsIDocuments
1999-08-29 21:58:42 +00:00
mccabe%netscape.com
84982717ce
Spam caps subtree to replace declarations of IDL-defined interface methods in implementation classes with xpidl-generated NS_DECL_NSIFOO macro.
1999-08-21 20:22:27 +00:00
arielb%netscape.com
1b252b2e3b
includes updates to codbase matching security checks currently turned off
...
but in place. redefined the script security manager in caps and it is
now generating codebase principals.
1999-08-20 09:51:02 +00:00
arielb%netscape.com
4b06750b30
removed zip support from caps module. from now on all that stuff will
...
be used by libjar. should also remove a lot of memory leaks reported on
nsZip
1999-08-07 21:40:33 +00:00
arielb%netscape.com
9655521b0f
Fix to bug 11330 and some changes to reduce warnings in linux builds
1999-08-07 19:59:31 +00:00
arielb%netscape.com
a1d83223f4
added a new and improved factory to caps module. fixed some bugs and
...
cleared some warnings. also move some methods of privilege manager to
principal manager.
1999-08-06 22:44:35 +00:00
sspitzer%netscape.com
0fc6c99e2d
fix warnings
1999-08-05 19:47:10 +00:00
briano%netscape.com
7047e55c1e
Added a newline to the EOF to fix the Unix native compiler builds.
1999-08-02 06:33:08 +00:00
arielb%netscape.com
0d16b83058
add a principal manager to caps api. everything is now xpidled so
...
i removed the public directory from the module.
1999-08-01 21:26:02 +00:00
arielb%netscape.com
387cbc374e
xpidling and updating nsTarget object. should resolve build errors on
...
SeaMonkey Ports
1999-07-28 05:43:26 +00:00
arielb%netscape.com
d00edf950d
removed some enums and migrated them into nsPrivilege, nsIPrivilege and
...
nsPrivilegemanager. cleaning up some old code from the security module
and refining their api's and such like.
1999-07-27 00:50:59 +00:00
briano%netscape.com
5923fce74f
Some compilers also object to #endif's with any non-comment tokens after them. Fixed.
1999-07-26 21:08:51 +00:00
briano%netscape.com
076494e4cb
Added a newline to the end of the file to fix the native-compiler Unix builds (HP-UX, Solaris, etc.).
1999-07-26 21:06:59 +00:00
arielb%netscape.com
3cc6d68ad6
i think i may have broken linux build with a tab at the end of a line in
...
the makefile, hope this was all for the bustage.
1999-07-24 04:18:22 +00:00
arielb%netscape.com
8dad60d09d
Fix to the caps security module. I removed the nsPrincipal struct, from now
...
on you can access principals by their xpcomed interface nsIPrincipal.
1999-07-24 03:58:23 +00:00
arielb%netscape.com
587d04c222
idled principals interfaces and some fixes to caps manager...
1999-07-16 20:31:18 +00:00
norris%netscape.com
f64740e501
Move several security files into idl. (Create idl directory in caps module.)
...
Implement methods of nsIXPCSecurityManager.
Fix random errors in DOM JS security.
1999-07-15 23:23:16 +00:00
norris%netscape.com
06317a54b3
Tom Pixley's code for the beginnings of DOM security, with a fix for the previous Mac link failure.
1999-07-07 07:50:03 +00:00
joki%netscape.com
37a6739ec1
Backing out js security changes.
1999-07-01 13:03:35 +00:00
joki%netscape.com
ccd5375141
New JavaScript/DOM security stuff.
1999-07-01 10:38:26 +00:00
raman%netscape.com
ba1f9dee86
Checking in changes from Bob Glickstein
1998-12-15 05:53:19 +00:00
ramiro%netscape.com
e2b921bf3c
Add cvsignore entries for makefiles generated bu autoconf.
1998-12-05 09:07:33 +00:00
ramiro%netscape.com
bc992a7bb0
Remove extraneous Makefile files.
1998-12-05 08:19:05 +00:00
raman%netscape.com
ce4f25a746
Deleted unnecessary nsCCapsManager:: from the prototype
1998-12-01 03:00:42 +00:00
raman%netscape.com
5b7786e40c
XP_COM interfaces for JS calls into CAPS
1998-11-23 00:27:00 +00:00
raman%netscape.com
231ff43d7a
Changes to make caps into a DLL. Defined all strings in this file until there is a replacement for allxpstr.h
1998-11-19 05:22:28 +00:00
raman%netscape.com
eb1dd00c2c
Bug fixes from MozillaClassic branch, plus changes to build caps without rdf
1998-11-16 21:57:13 +00:00
raman%netscape.com
23466e2008
Bug fixes to make caps stuff work with jvm's codesource principals
1998-10-28 03:31:17 +00:00
raman%netscape.com
eb854d55b9
Fix to make it compile on HP-UX. Define an else clause in the if statement of an inline function. Thanks briano
1998-10-19 18:25:01 +00:00
raman%netscape.com
ccee89d6a8
Added verification certifcates that are created via nsICapsManager. This could be used by JVM plugins.
1998-10-15 20:56:34 +00:00
raman%netscape.com
191dfa4366
Backing out my previous check-in. I was told my changes built ok on Mac, But I wasn't given complete information. Sorry for trouble.
1998-10-14 05:01:12 +00:00
raman%netscape.com
5f82c88ba4
Support for nsICertPrincipal. We do the certificate verification of certificates passed by JavaSoft
1998-10-14 02:52:40 +00:00
racham%netscape.com
3e5359a28f
Adding -reg_mode flag related APIs
1998-10-06 21:00:36 +00:00
racham%netscape.com
b87ef13ca0
Adding filecode base check routine
1998-10-06 20:59:47 +00:00
raman%netscape.com
34d9668524
Reenabled the code that fixes the memory leaks during startup. I have compiled these changes on windows, solaris, linux. Lasttime I checked in, Mac compiled ok.
1998-09-30 18:06:19 +00:00
raman%netscape.com
be4cd9ab8e
Backing my last checkin
1998-09-27 03:15:11 +00:00