MozillaWiki

Opt-in activation for plugins: Difference between revisions

Page Discussion

Opt-in activation for plugins (view source)

Revision as of 01:23, 1 March 2012

2 bytes added ,  1 March 2012
no edit summary
No edit summary
No edit summary
Line 31: Line 31:
* Whether to differentiate between an SSL site containing plugin content loaded over SSL and an HTTP site containing plugin content loaded over HTTP.  Trusting content served over HTTPS is not the same as trusting content over HTTP, which is why they are usually treated as separate origins for security purposes.
* Whether to differentiate between an SSL site containing plugin content loaded over SSL and an HTTP site containing plugin content loaded over HTTP.  Trusting content served over HTTPS is not the same as trusting content over HTTP, which is why they are usually treated as separate origins for security purposes.


* Risk of clickjacking - is this something we should try to mitigate
* Risk of clickjacking - is this something we should try to mitigate ?
|Feature overview=Unknown, slow or insecure plugins shouldn't be allowed to run without user interaction.
|Feature overview=Unknown, slow or insecure plugins shouldn't be allowed to run without user interaction.


Imelven
Confirmed users
197

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/402715"