CH Scratchpad: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 21: Line 21:


== web handlers todos ==
== web handlers todos ==
* refactor pref RDF stuff for protocol support: {{bug|384374}} (waiting for review)
* <strike>refactor pref RDF stuff for protocol support: {{bug|384374}} (waiting for review)</strike>
* tweak pref RDF stuff for multiple apps & MIME: {{bug|384374}}
* tweak pref RDF stuff for multiple apps: {{bug|384374}}
* proto dialog: lightweight XUL dialog (implement and hook up) {{bug|385065}}
* <strike>proto dialog: lightweight XUL dialog (implement and hook up) {{bug|385065}}</strike>
* prefs UI for changing {{bug|377784}}
* prefs UI for changing {{bug|377784}}
* future-proofing for POST
* security review
* security review
* get MIME-handling working with existing ucth dialog {{bug|385101}}
* register{Protocol}Handler dialogs {{bug|385106}}
* register{content,Protocol}Handler dialogs {{bug|385106}}
* platform specific app detection (win, mac, unix) {{bug|385114}}
* platform specific app detection (win, mac, unix) {{bug|385114}}
* favicons for pre-shipped online handlers
* favicons for pre-shipped online handlers
* online default registry (plugin finder?)
* online default registry (plugin finder?)

Revision as of 21:34, 31 July 2007

design issues

  • need to handle offline case gracefully
    • fragment identifiers can be used, but hacky; ping WhatWG
  • static add vs. dynamic add vs. preview actions
    • spec issue: GET not very RESTful for first two cases
  • security issues
    • spec: "should NEVER send https URIs to third-party sites"; need to design fallback behavior or change. todo: ask hixie what this protects
    • how do we handle URI leakage as per HTML5 4.10.2.1. todo: does fx2 handle this? sounds hard (impossible?) to fix
    • credential leakage spec verbiage sounds unimplementable
    • set up security audit
      • protocol handlers
        • figure out what URI schemes are acceptable for both source and target
  • POST issues
    • use cases
    • security stuff (see biesi/hixie thread in WhatWG archives)
      • require https to prevent WiFi hotspot MiTM attacks?

web handlers todos

  • refactor pref RDF stuff for protocol support: bug 384374 (waiting for review)
  • tweak pref RDF stuff for multiple apps: bug 384374
  • proto dialog: lightweight XUL dialog (implement and hook up) bug 385065
  • prefs UI for changing bug 377784
  • security review
  • register{Protocol}Handler dialogs bug 385106
  • platform specific app detection (win, mac, unix) bug 385114
  • favicons for pre-shipped online handlers
  • online default registry (plugin finder?)
Retrieved from "https://wiki.mozilla.org/index.php?title=CH_Scratchpad&oldid=64130"