Security/Sandbox/Hardening: Difference between revisions

Line 206: Line 206:
* Check where the following:
* Check where the following:
* HSTS
* HSTS
  ** DoS
** DoS
  ** Child can alter entries in HSTS cache. The child must in order to process headers. See above. The child probably doesn’t have to do this, but likely can.
** Child can alter entries in HSTS cache. The child must in order to process headers. See above. The child probably doesn’t have to do this, but likely can.
** Key Pinning
* Key Pinning
  ** Pin a malicious certificate to bypass protection
** Pin a malicious certificate to bypass protection
  ** As above
** As above
* <keygen>  happens in the child, going away hopefully?
* <keygen>  happens in the child, going away hopefully?
* Client certificate UI?
* Client certificate UI?
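Review bot: The HSTS sub-item "The child must in order to process headers" is missing what the child must do, and the revision carries that sentence over unchanged while only fixing its indentation. State the access explicitly (for example, whether the child must read or write the HSTS cache), since the next sentence then says the child "probably doesn't have to do this". Promoting "Key Pinning" from `**` to `*` correctly makes it a sibling of HSTS, but its "As above" sub-item now depends on the reader guessing that it refers to the HSTS cache note; repeat the point there or name the item it refers to. The list intro "Check where the following:" also reads as an incomplete sentence and could be completed in the same edit.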