caps/idl/nsICertificatePrincipal.idl
caps/idl/nsIPrincipal.idl
caps/src/nsBasePrincipal.cpp
Implement the ability to manipulate multiple capabilties simultaneously.
r=mstoltz@netscape.com
Files:
caps/src/nsCodebasePrincipal.cpp
Codebase equality should be based upon origin, not full path.
r=mstoltz@netscape.com
Files:
caps/src/nsScriptSecurityManager.cpp
Change URI checking to deny based upon scheme rather than allow based upon
scheme for greater flexibility.
r=mstoltz@netscape.com
Files:
dom/public/nsDOMPropEnums.h
dom/public/nsDOMPropNames.h
dom/src/base/nsGlobalWindow.cpp
modules/libpref/src/init/all.js
Fix bug 20469 Seeing JS functions and global variables from arbitrary host
r=vidur@netscape.com
Files:
dom/src/base/nsJSUtils.cpp
dom/src/base/nsJSUtils.h
dom/src/base/nsJSEnvironment.cpp
dom/tools/JSStubGen.cpp
layout/base/src/nsDocument.cpp
layout/html/content/src/nsGenericHTMLElement.cpp
Improve performance by removing NS_WITH_SERVICE call for every DOM access.
Propagate XPCOM failure codes out properly.
r=vidur@netscape.com
Files:
layout/html/document/src/nsFrameFrame.cpp
Fix 27387 Circumventing Same Origin security policy using setAttribute
r=vidur@netscape.com
Added ECMA3 compliant getter/setter syntax.
Fixed bugs
- #28686, mishandling of \$ in replace()
- #27902, eval not detected as heavyweight indicator for non ECMA
context version.
was causing defered calls to js_FreeSlot to do wild pointer writes into slots that
were no longer owned by the object. Also this improves the fix to 14462 (see note
in 28982 from brendan). r=brendan@mozilla.orga=jar@netscape.com
things were completely unusable due to security restriction in anything besides
xpcshell. This fixes bug 26879 and helps a lot for bug 8700 because is reduces
the work done for JSContext creation.
Also, ease the burden of xptcall porters by doing IS_COMPONENT for all unix platforms.
r=mccabe
Bug #14462, lot's of discussin there about these changes, but here's
Brendan's description :
In order, changes in the patch are:
- Rename JSSLOT_ITR_STATE to be JSSLOT_ITER_STATE (avoid cybercrud abbreviation
as cbrcrd, no more six-char id limits!).
- Property cache tests must occur with the object's scope-lock held, to close a
race with delete (js_DestroyProperty, always called with the property's scope
locked). Once the cache has been hit, and before the lock is released, the
property's refcount must be bumped. This requires re-acquisition of the lock
and js_DropScopeProperty afterward.
- Reworked js_FindProperty to use a do-while loop, as cx->fp->scopeChain must be
non-null. This avoids a gratuitous lastobj init done to "Suppress gcc warning"
in the old revision.
- Akin to the property cache hit cases in jsinterp.c and jsobj.c's
js_FindProperty, code to hold and drop the scope-property by its refcount that
was #ifdef JS_THREADSAFE must be unconditional, now that user-defined getters
and setters may delete the property id they're getting or setting.
- Fixed overlong continuation line in jsobj.h.
/be
correct addresses, for example tinderbox.mozilla.org, lxr.mozilla.org or
bonsai.mozilla.org. cvs-mirror shouldn't use in URLs anymore because it's
now on different server.
r=bryner
