caps/src/nsScriptSecurityManager.cpp
04579855a2b73e2cf26831c1dc6a4733bd8744ac
created 2009-02-26 18:31 +0100
pushed unknown
Mook Mook - Bug 472032 - [win64] sizeof(long) != sizeof(void*) assertion in nsScriptSecurityManager.cpp; changed SecurityLevel to use PRWord, clarified assertion on the protected code; r+sr=dveditz
503b36e90c422f1adbd5f89c4517d5208d7e8f97
created 2009-02-17 20:32 -0800
pushed unknown
Dan Mosedale Dan Mosedale - Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky
aefbb338fdc2a42e4d30dcdc3f2b205691a69e31
created 2009-01-07 20:42 -0800
pushed unknown
timeless timeless - Bug 412743 nsScriptSecurityManager::Init shouldn't treat failure of InitPrefs as fatal
eb870a41e5cb91328694e18285202fc1b6c7d028
created 2009-01-01 15:45 -0800
pushed unknown
timeless timeless - Bug 470804 crash [@ NS_GetInnermostURI - nsScriptSecurityManager::CheckLoadURIWithPrincipal], r=bz, sr=dveditz
5d1fbada858917573a87e817f732e7d4cc8559b3
created 2008-11-25 20:50 -0500
pushed unknown
Boris Zbarsky Boris Zbarsky - Bug 460425. Do better security checks during redirection. r=sicking,biesi, sr=sicking
3b0909b12aa55805c74f9d34eb04bafb275f6e2a
created 2008-10-22 13:15 -0700
pushed unknown
Blake Kaplan Blake Kaplan - Bug 396851 - Check to see if we're UniversalXPConnect-enabled to allow privileged web pages to unwrap XOWs. r+sr=bzbarsky
1b853ea8e4180c20b1ddb779fd38c22eb98060eb
created 2008-10-16 10:56 -0400
pushed unknown
Ben Newman Ben Newman - Bug 460124. Remove no-longer-needed code, since now we calculate hash values for nsPrincipals in a sane way. r+sr=bzbarsky
e7774e2e7ca98047b6fdb603d52dce0b987f12c3
created 2008-10-14 16:16 +0200
pushed unknown
Igor Bukanov Igor Bukanov - Bug 459656 - Implementing nsIThreadJSContextStack in nsXPConnect. r+sr=mrbkap
eee86e5513ad381eaa16a55f037fa479c8d54187
created 2008-10-10 17:04 +0200
pushed unknown
Arpad Borsos Arpad Borsos - Bug 456388 - Remove PR_STATIC_CALLBACK and PR_CALLBACK(_DECL) from the tree; r+sr=brendan
8e8a50453722967e4bb092d2c328ecf4943229bf
created 2008-10-08 15:05 -0700
pushed unknown
Blake Kaplan Blake Kaplan - Bug 457299 - nsScriptSecurityManager doesn't suspend the request on the current context when it starts using the safe context. r+sr=bzbarsky
65939e41055288a5c59eb1ff2a64d7b6af082dab
created 2008-10-08 09:16 -0400
pushed unknown
Ben Newman Ben Newman - Bug 454850. Make sure that whenever nsPrincipal::Equals would return true for a pair of principals their nsPrincipal::GetHashValue returns are also equal. r+sr=bzbarsky
7bfd2ee7016fcf5886ee0a8bdcd40d3e348a84ac
created 2008-09-21 15:21 -0700
pushed unknown
David Bienvenu David Bienvenu - bug 453943, always disable js for mailnews for 3.0 b1, don't load pref, r=bz, sr=dmose
38988e401f12146df46238be60547a95c5e9b766
created 2008-09-20 08:14 -0700
pushed unknown
David Bienvenu David Bienvenu - temporarily disable js in mailnews for 3.0 b1, r=bz, sr=dmose 453943
e71240d4b28c3c520a3faa951c946c3f7d7cb924
created 2008-09-07 00:21 +0200
pushed unknown
Arpad Borsos Arpad Borsos - Bug 398946 - Remove JS_STATIC_DLL_CALLBACK and JS_DLL_CALLBACK from the tree; r=(benjamin + bent.mozilla)
825b049918201d06b80d89f7f47b583b7b19cb90
created 2008-09-05 16:26 -0700
pushed unknown
Ben Turner Ben Turner - Bug 451731 - "Update caps, dom, xpconnect for Bug 451729 (checkObjectAccess moving to the JSContext)". r+sr=jst.
27e0838af137ad30cae84f447d2b8eb21bb21afd
created 2008-09-04 15:52 -0700
pushed unknown
Ben Turner Ben Turner - Bug 453720 - "Caps should assert when scripts do not contain principals". r+sr=mrbkap.
b4d9de8ad106e7530f5a21d5a6846ff2b959f4b4
created 2008-08-30 18:58 -0500
pushed unknown
Jason Orendorff Jason Orendorff - Bug 451571 - Delete SetExceptionWasThrown (r=dbradley, sr=jst)
f42b560650bf36512f336b61443c2434025d97a4
created 2008-08-27 18:15 -0700
pushed unknown
Honza Bambas Honza Bambas - Bug 442812: Implement the application cache selection algorithm. r+sr=bz
695ba8eac3dc1e4a5206ff29f25a36267bc2d3e0
created 2008-08-19 22:52 -0700
pushed unknown
Dave Camp Dave Camp - Backed out changeset 1e3d4775197a (bug 442812)
1e3d4775197af65a4f9bcebf2280ad0d710b722a
created 2008-08-19 19:31 -0700
pushed unknown
Honza Bambas Honza Bambas - Bug 442812: Implement the application cache selection algorithm. r+sr=bz
6a3f2ad3e523738776e15608ed9c2a9fde0d8237
created 2008-07-28 23:37 -0700
pushed unknown
Boris Zbarsky Boris Zbarsky - Bug 434522 follow-up bustage fix.
27ebd6f0ae2568a55036b6953f20c9f9bf046566
created 2008-07-28 23:10 -0700
pushed unknown
Boris Zbarsky Boris Zbarsky - Bug 437723. Make sure to look at the nested innermost URI when looking for the origin. r+sr=sicking
dee1a1ced0f923b8f868deefe7c4ded839ba5227
created 2008-07-28 23:03 -0700
pushed unknown
Boris Zbarsky Boris Zbarsky - Bug 434522. Make the "Permission denied to access Class.property" mesage more useful. r+sr=jst
4bad94dd547fe76c22ddbfa35c6e5aec253ae1d2
created 2008-04-18 10:35 -0700
pushed unknown
jonas jonas - Followup patch to bug 425201. Make sure to throw if xhr.open is called with an illegal uri. Also restore the nsIScriptSecurityManager.CheckConnect API as soap still uses it
6fb1f4eefa4d7320ee81808d24fee4f3c8b47d25
created 2008-04-12 14:26 -0700
pushed unknown
dveditz dveditz - bug 292789 prevent use of chrome: URIs from <script>, <img> stylesheets, etc except for chrome packages explicitly marked contentaccessible. r=bzbarsky, sr=jst, a=beltzner
94dbc184186fface34cce9dba404ef644590ae70
created 2008-04-08 17:38 -0700
pushed unknown
jonas jonas - Allow XMLHttpRequest and document.load load files from subdirectories. r/sr=dveditz
222eca91174822ae2ec30b84380866f6423dce32
created 2008-03-29 03:34 -0700
pushed unknown
igor igor - [bug 423874] backing out as a simpler patch would do the job with less code.
279e2361694d7b83c1ccf9746f167e68da167583
created 2008-03-28 15:27 -0700
pushed unknown
igor igor - [bug 424376] backing out - too much compatibility problems.
6278e319a54254f6a6eb1a94c6c5721f35a00400
created 2008-03-27 20:46 -0700
pushed unknown
bzbarsky bzbarsky - Fix bug 421228. r+sr=sicking
1c5b194ad03c6b7ce3b8d9b2890241128f1849e7
created 2008-03-23 03:16 -0700
pushed unknown
igor igor - bug=424376 r=brendan a1.9b5=beltzner Compile-time function objects are no longer exposed through SpiderMonkey API.
a37cd7e93065864b8307f2d8dafba17f5717ce83
created 2008-03-21 01:19 -0700
pushed unknown
igor igor - bug=423874 r=brendan a1.9b5=dsicore Allocating native functions together with JSObject
ae4d374b84019e23c8ddee2854cd331f06613dd3
created 2008-03-20 23:01 -0700
pushed unknown
jst jst - Fixing orange from bug 402983. Make file:///foo and file:////foo#bar compare as equal URLs. r+sr=bzbarsky@mit.edu
095e70787c44ac2251627a29a195c4a6a78ecec6
created 2008-03-20 21:39 -0700
pushed unknown
jst jst - Landing fix for bug 402983. Make security checks on file:// URIs symmetric. Patch by dveditz@cruzio.com, r=jonas@sicking.cc,bzbarsky@mit.edu. jst@mozilla.org
1beba98a99a8fd867bdd3894ecd61680aea87fc7
created 2008-03-20 01:19 -0700
pushed unknown
shaver shaver - Bug 246699: report better errors (with stacks) for security denials. r+sr=jst, a=mconnor.
1d07cdf5f1b04dfe6da4189f0118ec66d91dc905
created 2008-03-18 17:27 -0700
pushed unknown
jonas jonas - Bug 413161: Make nsIPrincipal::Origin ignore changes to document.domain. r/sr=dveditz
b1d9492b9c395ce137e0b69af9336b2725f5cccf
created 2008-03-18 14:14 -0700
pushed unknown
bzbarsky bzbarsky - Finally kill off CheckSameOriginPrincipal, fix remaining callers to do the checks they really want to be doing. Fix screw-up in nsPrincipal::Equals if one principal has a cert and the other does not. Bug 418996, r=mrbkap,dveditz, sr=jst
62f025bcb0cc3a2c9ef81544ffc0feee0e3a2236
created 2008-03-17 07:10 -0700
pushed unknown
gavin gavin - Back out bug 246699 to fix bug 423375, per shaver
a82f4b5a20f3b78971079db002cc5fabc20f46c2
created 2008-03-11 10:30 -0700
pushed unknown
timeless timeless - Bug 246699 CAPS security exceptions should throw richer exception info (not just raw string) r=shaver a=shaver
34618990870afed07830b2845885ba4924c410fd
created 2008-02-26 19:45 -0800
pushed unknown
jonas jonas - Bug 416534: Clean up cross-site xmlhttprequest security checks. With fixes to tests this time. r/sr=peterv
75f5ccc83d49111ac53327007aa38d71241744b9
created 2008-02-26 19:23 -0800
pushed unknown
myk myk - backing out fix for bug 416534 as potential cause of mochitest failure
896c4a5ed76ba7f66c324f5bdd40df4783e77f43
created 2008-02-26 18:17 -0800
pushed unknown
jonas jonas - Bug 416534: Clean up cross-site xmlhttprequest security checks. r/sr=peterv
6b0da17b7eace2c8478022698a8e5db9433f8a5a
created 2008-02-26 04:40 -0800
pushed unknown
Olli Pettay Olli Pettay - Bug 411054, Audit IsNativeAnonymous()/GetBindingParent() uses, r+sr=sicking
279a8fea24cca27fc3c00ce5b8470fcb462f00eb
created 2008-01-31 00:16 -0800
pushed unknown
jonas jonas - Bug 397878: Send Referer-Root header when doing cross-site access requests. Also update domain pattern matching to spec. Patch by <suryaismail@gmail.com>. r=bent sr=sicking b3a=beltzner
3bd06acda846375ffa8b180691bd07eff6f65299
created 2008-01-29 13:11 -0800
pushed unknown
jst jst - Fixing bustage.
e8d00681628f10786e4a9fa9ecfb56c689a77821
created 2008-01-29 12:51 -0800
pushed unknown
jst jst - Fixing bug 413767. Make caps use faster JS class/parent/private/proto accessors. r=mrbkap@gmail.com, sr=brendan@mozilla.org
11ce085ba49f1da2d8dd17c23b51dee70882c047
created 2008-01-28 09:51 -0800
pushed unknown
jst jst - Fixing bug 317240. Re-enabling caps optimization now that a documents principal never changes. r+sr=bzbarsky@mit.edu
81098817d5c908b7c27c919ab5f53337b43edac8
created 2008-01-16 16:32 -0800
pushed unknown
jst jst - Fixing bug 412691. Remove unnecessary nsCOMPtr's from performance critical code paths. r+sr=jonas@sicking.cc
6e7134f1facdff29402e90b4598d1658575aed8b
created 2008-01-15 07:50 -0800
pushed unknown
benjamin benjamin - Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep
1ec9dbd46c1d30de23001a46cc50ef14713cadb8
created 2008-01-11 20:30 -0800
pushed unknown
dwitte dwitte - thoroughly whack mallocfest in nsID/nsJSID and friends. b=410250, r+sr=jst, a=blocking1.9+
194a61f763b22f6741b1a050a556c6a441f598a3
created 2008-01-11 02:08 -0800
pushed unknown
dwitte dwitte - partial backout in an attempt to fix orange.
dfd2df0377d549096ccd8dc4b902320d3b8f5f9b
created 2008-01-11 01:13 -0800
pushed unknown
dwitte dwitte - relanding bug 410250.
d501dfd8451cc06d728d718ab7c4bc0e6b0785a0
created 2008-01-10 20:59 -0800
pushed unknown
dwitte dwitte - backing out to fix orange.
9deb6d72cb35658a8188cd49f34621bb3f5bee16
created 2008-01-10 19:56 -0800
pushed unknown
dwitte dwitte - thoroughly whack mallocfest in nsID/nsJSID and friends. b=410250, r+sr=jst, a=blocking1.9+
31581ae56a599775a3959139e9e028677e153b93
created 2008-01-04 17:32 -0800
pushed unknown
mrbkap mrbkap - Always throw an exception, even if we cannot reach a principal. bug 409514, r+sr+a=jst
8ea600c2848c182b81a6f628d21f15c3e059e0e6
created 2008-01-04 15:59 -0800
pushed unknown
jst jst - Fixing bug 410851. Expose a faster way of getting the subject principal, and use that from performance critical code. r+sr=mrbkap@gmail.com
e1599cae9e8f429c25ce90f1be92cf6cf88f3acf
created 2007-12-21 11:06 -0800
pushed unknown
mrbkap mrbkap - XPCNativeWrappers can confuse the short-circuiting code. bug 409291, r+sr=jst a=beltzner
53339e02cc14358e28e833f8ff6c53c7d2b3fd38
created 2007-12-12 15:02 -0800
pushed unknown
jst jst - Fixing bug 408009. Make doGetObjectPrincipal() faster. r+sr=bzbarsky@mit.edu, r+a=brendan@mozilla.org
52b032f34a840247b4ad6ac5fca3a3482276517a
created 2007-11-12 19:23 -0800
pushed unknown
philringnalda philringnalda - Bug 400247 - remove XP_MAC deadcode in nsScriptSecurityManager.cpp, r+sr=bz, a=dsicore
f233e50c92373987117e3a6d837fe2c47db78ddb
created 2007-11-12 13:47 -0800
pushed unknown
tglek tglek - Bug 398574:Prbool fixes r=bz a=release drivers
5acee69f15bdf3ece01058a753e39a1bdfb01698
created 2007-10-26 18:46 -0700
pushed unknown
jonas jonas - bug 394390: Don't report bogus warnings to the error console when using cross-site xmlhttprequest. Patch by Surya Ismail <suryaismail@gmail.com>, r/sr=sicking
less more (0) -60 tip