Commits on Jan 6, 2012
  1. integrating train 2011.12.28

    lloyd committed Jan 6, 2012
Commits on Dec 28, 2011
  1. ChangeLog update for issue #800

    lloyd committed Dec 28, 2011
  2. added random seed in session context and in the process improved CSRF…

    … token entropy fixes #800
    benadida committed with lloyd Dec 23, 2011
  3. disable 'online' check. too many false positives to be useful. closes #…

    …719 (@shane-tomlinson - I went for a minimal fix given we're branching the beta train right after this commit.  feel free to clean up)
    lloyd committed Dec 28, 2011
Commits on Dec 27, 2011
  1. fix issue where when allowPersistent is true, and the user is not aut…

    …henticated to browserid, they wouldn't be shown the 'keep me signed in' checkbox - closes #776 (presumably a regression introduce in f9ab1ba ?)
    lloyd committed Dec 27, 2011
  2. Improve in-source RP for testing. Now you can fully specify the navig…

    … call without writing code - this is not an example for browserid implementors, but rather a local testing tool for browserid devs. for testing of issue #776
    lloyd committed Dec 27, 2011
Commits on Dec 22, 2011
  1. move to latest winchan which supports navigate away, fixes a bug or t…

    …wo on IE, and has a new api
    lloyd committed Dec 22, 2011
Commits on Dec 21, 2011
  1. Merge pull request #789 from mozilla/tweak-nodejscrypto-insteadof-ura…

    use crypto.getRandom instead of urandom closes #735
    lloyd committed Dec 21, 2011
  2. changed generate to use nodejs crypto, added weakgenerate, added asyn…

    …c support for generate, and added tests
    benadida committed Dec 21, 2011
Commits on Dec 20, 2011
  1. revived the, as well as the #NATIVE and #INTERNA…

    …L indications that internal APIs are about to be called
    benadida committed Dec 20, 2011
  2. Change Password on the manage page.

    * Add markup/CSS, including tooltips.
    * Add logic to manage_account.js.
    * Add changePassword to network/user.js.  Add related tests.
    * Update xhr mock so that session_context always returns "valid" info unless contextAjaxError is specified.
    * Update the tooltip so that it has a reset function.
    close #771
    close #114
    shane-tomlinson committed Dec 19, 2011
Commits on Dec 19, 2011
Commits on Dec 17, 2011
  1. update to jwcrypto 0.1.1 - now the verifier supports 'new style' asse…

    …rtions which are JWS structures separated by tildes and don't double base64 encode. assertion size down 33%. we still generate only old style assertions. issue #507
    lloyd committed Dec 17, 2011
Commits on Dec 16, 2011
  1. remove references to channel.js, which no longer is needed with the p…

    …ort to winchan - closes #766
    lloyd committed Dec 16, 2011
  2. Adding a check to ensure requiredEmail is actually an email address.

    * Add a new action - doError.
    * Add a new template invalidRequiredEmail
    * Add a check in the "start" state to see if the requiredEmail is legit.
    close #632
    shane-tomlinson committed Dec 16, 2011
  3. Finishing up the sharing of the forgot password screen between requir…

    …edEmail and normal flow.
    * Now in the requiredEmail flow, the title in forgot password screen remains "The site requested you sign in using"
    * Simplified the passing of the forgot_password module parameters.
    close #608
    shane-tomlinson committed Dec 16, 2011
  4. Can now cancel "use a different email"

    Reduce the amount of code - use the generic helper which takes care of the context.
    close #765
    shane-tomlinson committed Dec 16, 2011
  5. move to winchan for all of our cross domain window spawing and commun…

    …ication needs. closes #764
    lloyd committed Dec 16, 2011
  6. issue #700 - don't scatter generated files about the tree - create a …

    …relative symlink for include.js so we can perform a build somewhere, and then move it about the filesystem
    lloyd committed Dec 16, 2011
  7. (re-apply stomlinson's change for issue #700)

    Creating the build and production directories so that we are not polluting our dev directories and overwriting files in the build process.
    * Build script creates two new directories, build and production.
    * build is for uncompressed files.
    * production is for ready to serve up files.
    * Set up a symlink for include.js so we do not overwrite the original.
    * Update the build script to update include.js symlink.
    issue #700
    shane-tomlinson committed with lloyd Dec 4, 2011
Commits on Dec 15, 2011