Security/Reviews/Gaia/costcontrol

App Review Details

App:
Review Date:
Review Lead:

Overview

Architecture

Components

Relevant Source Code

Application Code

Shared Code

   shared/js/async_storage.js
   shared/js/l10n.js
   shared/js/l10n_date.js
   shared/js/lazy_loader.js
   shared/js/notification_helper.js
   shared/js/settings_listener.js

Permissions

Web Activity Handlers

Web Activity Usage

Notable Event Handlers

Code Review Notes

1. XSS & HTML Injection attacks

2. Secure Communications

3. Secure data storage

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations