Confirmed users
2,615
edits
User:Dmose:Protocol Handler Security Review: Difference between revisions
Jump to navigation
Jump to search
User:Dmose:Protocol Handler Security Review (view source)
Revision as of 00:10, 1 November 2007
, 1 November 2007→Security and Privacy
| Line 47: | Line 47: | ||
*** will use reasonable defaults | *** will use reasonable defaults | ||
** application pref file (firefox.js or equivalent) missing | ** application pref file (firefox.js or equivalent) missing | ||
*** | *** falls back to secure config (everything blacklisted) | ||
** user prefs.js missing | ** user prefs.js missing | ||
*** falls back to default config (believed secure) | |||
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | * Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | ||
** Assumptions | ** Assumptions | ||
| Line 55: | Line 56: | ||
*** Phishy? (Encourages in-browser auth?) | *** Phishy? (Encourages in-browser auth?) | ||
**** not notably worse than current situation | **** not notably worse than current situation | ||
**** should avoid breaking identity/auth mitigations | **** should avoid breaking future identity/auth mitigations, but not knowing what those are likely to be makes this hard | ||
*** The HTML5 spec has a [http://www.whatwg.org/specs/web-apps/current-work/#security3 list of possible security issues] that should be gone through | *** The HTML5 spec has a [http://www.whatwg.org/specs/web-apps/current-work/#security3 list of possible security issues] that should be gone through | ||
*** register{Content,Protocol}Handler | *** register{Content,Protocol}Handler should be restricted to http and https handlers ({{bug|401343}}) | ||
*** | *** Need to decide on uses of web-handled URIs in contexts other than in href attribute of A element ({{bug|400886}}) | ||
*** old warning dialog has been removed: | *** old warning dialog has been removed: | ||
***** if it's unacceptably risky, we shouldn't be doing it at all | ***** if it's unacceptably risky, we shouldn't be doing it at all | ||