Security/Reviews/B2G/Contacts

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Gecko API Review Details

API: Contacts API
Review Date: August 15 2013
Review Lead: Paul Theriault

Overview

API is documented on mdn

Architecture

Components

Relevant Source Code

Permission Model

Parent/Child Communication

Code Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Security/Reviews/B2G/Contacts

Contents

Gecko API Review Details

Overview

Architecture

Components

Relevant Source Code

Permission Model

Parent/Child Communication

Code Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Navigation menu

Security/Reviews/B2G/Contacts

Gecko API Review Details

Overview

Architecture

Components

Relevant Source Code

Permission Model

Parent/Child Communication

Code Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Navigation menu

Search