Firefox/Projects/Extension Manager API/Security Overview

From MozillaWiki
Jump to: navigation, search

Auto updates

  • Concerns about paranoid users
  • Maybe think about using the whitelist
  • No distinction between update types

Manager in a tab

  • Issues with about: urls being potentially attackable by webpages.
  • Shouldn't look like content
  • Make sure that privileged things it does cannot be spoofed by webpages

Enhanced metadata

  • Data could still come from a compromised source so be sure to use the data safely

Downloading before offering to install

  • Worries over size and waiting
  • Need some kind of downloading indication and a way to cancel while it is going

Streamlined install experience

  • Worries over giving ourselves special powers to install without any confirmation
  • No way to see the signature
  • Ensure installs through the API require a hash
  • Concerns over how XSS flaws on AMO
  • Signing trusted XPIs might be a mitigation
  • Maybe ping back to AMO to verify that the add-on given is the one expected

Discovery pane

  • Should be a special page with SSL
  • Verify that it doesn't redirect to another server.
  • Links should open up in new tabs
  • Do we need to know about disabled add-ons?
  • Injecting the information seems ok