canmove, Confirmed users
1,567
edits
Extension Manager:Addon Update Security: Difference between revisions
Jump to navigation
Jump to search
Extension Manager:Addon Update Security (view source)
Revision as of 22:09, 5 July 2007
, 5 July 2007→Requiring Update Hashes
| Line 36: | Line 36: | ||
=== Requiring Update Hashes === | === Requiring Update Hashes === | ||
The update manifest currently contains an optional property, the updateHash. This will become an absolute requirement for updates. Any updates listed in the update manifest missing a hash will be ignored. A message about why the update was ignored will be logged from the extension manager to allow add-on authors to debug issues with their update manifests. | The update manifest currently contains an optional property, the updateHash. This will become an absolute requirement for updates. Any updates listed in the update manifest missing a hash will be ignored. A message about why the update was ignored will be logged from the extension manager to allow add-on authors to debug issues with their update manifests. The hash algorithms available for hashing an xpi will be limited to those of the sha set (sha1, sha256, sha384 and sha512). This set may be extended in the future. | ||
This provides a high level of confidence that the update package that will be downloaded is the same update package referenced from the update manifest regardless of the security of the connection used to retrieve the package. | This provides a high level of confidence that the update package that will be downloaded is the same update package referenced from the update manifest regardless of the security of the connection used to retrieve the package. | ||