Security/Reviews/B2G/Contacts
Gecko API Review Details
- API: Contacts API
- Review Date: August 15 2013
- Review Lead: Paul Theriault
OverviewArchitecture
Components
Relevant Source Code
Permission Model
Parent/Child Communication
Code Review Notes
1. Content/Chrome Segregation
2. Process Segregation
3. Data validation & Sanitization
4. Denial of Service
5. Use of Privileged APIs
6. Interfaces with other Apps/Content
Security Risks & Mitigating ControlsActions & Recommendations