Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
links in web profile
reverted throttling of untrusted slapps to 1 every 5 seconds
don't treat slapps originating from external browsers as clicks and thus bypassing throttling
|
|
|
|
|
|
links in web profile
Also fixes SOCIAL-521 and SOCIAL-428
|
|
|
|
edit pick
|
|
|
|
|
|
LLURLDispatcherListener accepts requests for LLURLDispatcher.
LLCommandDispatcherListener accepts requests for LLCommandDispatcher.
LLPanelLoginListener accepts requests specifically for LLPanelLogin. Initially
it supports a simulated click to the "Log In" button.
|
|
We block or throttled certain SLurls when they came from an untrusted
browser. Previously this would happen silently (though a message was
sent to the logfile). Now we show a once-per-session notification if
either of these situations arise.
|
|
following SLAPP URL types in an untrusted browser:
secondlife:///app/agent/...
secondlife:///app/group/...
secondlife:///app/parcel/...
In order to find a compromise between supporting these commands and
security concerns over potential griefing vectors, we use a throttling
solution when these commands are issued by untrusted web browsers.
That is, we only process one command per 15 seconds.
This applies to external browsers, like Firefox, as well as the
internal SL browser.
Notably, we continue to block secondlife:///app/teleport URLs.
Reviewed by james.
|
|
svn+ssh://svn.lindenlab.com/svn/linden/branches/moss/pluginapi_05-merge@129910
svn merge -r 129913:131718 svn+ssh://svn.lindenlab.com/svn/linden/branches/pluginapi/pluginapi_05
Some branch shenannigans in the pluginapi_05 branch caused this to become a two-part merge.
|
|
svn+ssh://svn/svn/user/phoenix/license_2009_merge into trunk. QAR-1165
|
|
svn+ssh://svn/svn/linden/branches/featurettes/featurettes-batch4-merge
Resolving QAR-1051 Merge featurettes batch #4
|
|
QA'd in QAR-186:
DEV-9179: Commit translated and reviewed strings from 1.19 frozen branch pull
DEV-8792 Place information teleport button hidden behind chat bar.
DEV-9374: Remove "New Account..." and "Preferences" buttons from login screen for 1.19.0
DEV-9411 -- Update required version of Quicktime library to 7.4 for 1.19.0 Viewer
DEV-9430 Viewer auth failed login screen is shown in the loginxui 1.19 viewer on failure to retrieve normal login screen - changed wording of error page
DEV-8537 Chat console appearing underneath status buttons
DEV-9283 Chatbar cant be open while in mouselook
DEV-9226 Some Dazzle? icons have sneaked into the release branch
DEV-9520 Menus and Other items minimise behind onscreen buttons
DEV-9521 Unable to ctrl and click to select in the friends list
DEV-9530 SEC-20 Exploit to force users to teleport to a location on profile open.
DEV-6833 - Mature events icon and checkbox is missing from map legend
Also:
Added vc9 project files (+ minor changes for vc9) (steve)
Modified vc project files to not include the path for flex / bison (steve)
Added marker file deletion to crash logger to stop double reporting. (cube)
|
|
|
|
auth merge
|
|
|
|
svn+ssh://svn/svn/linden/branches/new-license into release. only changes files which are not deployed or the comments section of code.
|
|
svn+ssh://svn/svn/linden/branches/urldispatcher-for-merge
|