Firefox3.1/Security/ViewSource: Difference between revisions
< Firefox3.1 | Security
Jump to navigation
Jump to search
| Line 67: | Line 67: | ||
* What failure modes or decision points are presented to the user? | * What failure modes or decision points are presented to the user? | ||
'Click a link or don't click a link' | ''Click a link or don't click a link'' | ||
* Can its files be corrupted by failures? Does it clean up any locks/files after crashes? | * Can its files be corrupted by failures? Does it clean up any locks/files after crashes? | ||
Revision as of 18:27, 3 December 2008
Overview
Describe the goals and objectives of the feature here.
- Background links
- feature-tracking bug links
- specs or design docs
- QA TestPlan -- includes bug links.
Security and Privacy
- What security issues do you address in your project?
None.
- Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
No. (Are there any prefs that affect View Source?)
- Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
???
- How are transitions in/out of Private Browsing mode handled?
Not relevant
Exported APIs
- Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)
None
- Does it interoperate with a web service? How will it do so?
No
- Explain the significant file formats, names, syntax, and semantics.
???
- Are the externally visible interfaces documented clearly enough for a non-Mozilla developer to use them successfully?
N/A
- Does it change any existing interfaces?
No
Module interactions
- What other modules are used (REQUIRES in the makefile, interfaces)
No changes
Data
- What data is read or parsed by this feature
Document Base URLs URLs in SRC and HREF attributes
- What is the output of this feature
Same View Source as always, but now with hyperlinks
- What storage formats are used
No storage formats
Reliability
- What failure modes or decision points are presented to the user?
Click a link or don't click a link
- Can its files be corrupted by failures? Does it clean up any locks/files after crashes?
Files may be read from disk, but no files are written. Note that the feature is designed to pull files from cache if at all possible, but I'm not sure if there are any security issues to this.
Configuration
- Can the end user configure settings, via a UI or about:config? Hidden prefs? Environment variables?
- Are there build options for developers? [#ifdefs, ac_add_options, etc.]
- What ranges for the tunable are appropriate? How are they determined?
- What are its on-going maintenance requirements (e.g. Web links, perishable data files)?
Relationships to other projects
Are there related projects in the community?
- If so, what is the proposal's relationship to their work? Do you depend on others' work, or vice-versa?
- Are you updating, copying or changing functional areas maintained by other groups? How are you coordinating and communicating with them? Do they "approve" of what you propose?