Status

Places Security Review tracking bug

• bug 375898

Has a design review been completed?

• Places Design Overview

When do you anticipate the feature landing

• Places-based History was turned on for the Firefox 3 Alpha 2 release
• Places-based Bookmarks was turned on for the Firefox 3 Alpha 5 release

Overview

Use Cases

Requirements

UI Design Documentation

use cases and expected user knowledge (terminology, metaphors, etc)

Use-cases:

• Places:History Use Cases
• Bookmarks Use Cases

Terminology:

• Visit
• Session
• Bookmark
• Tag
• Star
• Folder
• Livemark
• Smart Folders/Queries/Saved Searches
• Organizer
• Keyword

design mockups (of whatever fidelity is easiest)

• Places:User_Interface

links to relevant user data, bugs, reports, examples, etc

Design Impact

Security and Privacy

• What security issues do you address in your project?

• Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?

• Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
  • Assumptions
  • Capabilities
  • Potential Risks

• • Misc

Exported APIs

• Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)
  • APIs
    • exported to the web:
    • exported to XPCOM:
  • UI -- see the UI design documentation section
• Does it interoperate with a web service? How will it do so?

• Explain the significant file formats, names, syntax, and semantics.

• Are the externally visible interfaces documented clearly enough for a non-Mozilla developer to use them successfully?

• Does it change any existing interfaces?

Web Compatibility

• Does the feature had any impact on Web compatibility?

Performance

• How will the project contribute (positively or negatively) to "perceived performance"?

• What are the performance goals of the project? How were they evaluated? What is the test or reference platform and baseline results?

• Will it require large files/databases (for example, browsing history)?

Reliability

• What failure modes or decision points are presented to the user?

• Can its files be corrupted by failures? Does it clean up any locks/files after crashes?

l10n and a11y

• are any strings being changed or added?

• are all UI elements available through accessibility technologies?

Installation, Upgrade/Downgrade/Sidegrade, and platform requirements

• Does it equally support all Tier-1 platforms?

Yes.

• Does it have a hardware requirement (or increase minimum requirements)?

No.

• Does it require changes to the installer?

No.

• Does it impact updates?

No.

• List the expected behavior of this feature/function when Firefox is upgraded to a newer minor release, downgraded by installation of an earlier revision, or re-installed (same version)

Upgrade:

Downgrade:

Configuration

• Can the end user configure settings, via a UI or about:config? Hidden prefs? Environment variables?

Y

• Are there build options for developers? [#ifdefs, ac_add_options, etc.]

• What ranges for the tunable are appropriate? How are they determined?

• What are its on-going maintenance requirements (e.g. Web links, perishable data files)?

Relationships to other projects - are there related projects in the community?

• If so, what is the proposal's relationship to their work? Do you depend on others' work, or vice-versa?

• Are you updating, copying or changing functional areas maintained by other groups?

Documentation

• Do built-in Help pages need modified?

• Documentation for developer.mozilla.org?

Other

Discussion & Implications

Caveats / What We've Tried Before

References