Firefox/Projects/Extension Manager API/Security Overview
- Concerns about paranoid users
- Maybe think about using the whitelist
- No distinction between update types
Manager in a tab
- Issues with about: urls being potentially attackable by webpages.
- Shouldn't look like content
- Make sure that privileged things it does cannot be spoofed by webpages
- Data could still come from a compromised source so be sure to use the data safely
Downloading before offering to install
- Worries over size and waiting
- Need some kind of downloading indication and a way to cancel while it is going
Streamlined install experience
- Worries over giving ourselves special powers to install without any confirmation
- No way to see the signature
- Ensure installs through the API require a hash
- Concerns over how XSS flaws on AMO
- Signing trusted XPIs might be a mitigation
- Maybe ping back to AMO to verify that the add-on given is the one expected
- Should be a special page with SSL
- Verify that it doesn't redirect to another server.
- Links should open up in new tabs
- Do we need to know about disabled add-ons?
- Injecting the information seems ok