Confirmed users
2,615
edits
User:Dmose:Protocol Handler Security Review: Difference between revisions
User:Dmose:Protocol Handler Security Review (view source)
Revision as of 17:10, 30 October 2007
, 30 October 2007→Security and Privacy
| Line 56: | Line 56: | ||
*** Phishy? (Encourages in-browser auth?) | *** Phishy? (Encourages in-browser auth?) | ||
*** The HTML5 spec has a [http://www.whatwg.org/specs/web-apps/current-work/#security3 list of possible security issues] that should be gone through | *** The HTML5 spec has a [http://www.whatwg.org/specs/web-apps/current-work/#security3 list of possible security issues] that should be gone through | ||
*** register{Content,Protocol}Handler need to use checkLoadURI | *** register{Content,Protocol}Handler need to use checkLoadURI {{bug|401343}} | ||
*** Uses of web-handled URIs in contexts other than in href attribute of a element ({{bug|400886}}) | *** Uses of web-handled URIs in contexts other than in href attribute of a element ({{bug|400886}}) | ||
**** object | **** object | ||