Mozilla 2/Centralized security checks

From MozillaWiki

Owners

Who is driving this feature

  • mrbkap
  • jst
  • bzbarsky
  • brendan
  • jorendorff

Status

Feature tracking bug

When do you anticipate the feature landing? Any relevant status comments for the feature can be placed here.

An implementation of this landed for Gecko 1.9. We'll have to see what kind of work has to be done to update it to the new world (APIs, especially security APIs seem like they're going to change rather drastically).

Overview and Motivations

Describe the goals and objectives of the feature here.

We would like to move away from ad-hoc checks everywhere in C++ code and move the security checks to a more centralized source-code location. Wrappers have shown themselves to be the most effective way of sandboxing JavaScript in one context from JavaScript in another context. By "wrapperizing" hard enough, we can move all security checks into the wrappers, hopefully gaining a good performance boost.

Risks and Assumptions

Describe any major assumptions or risks of the feature here.

The main risk of this plan is that if we fail to create a wrapper in the right place, there is no secondary line of defense. However, since the first days of XOWs, we haven't run across any bugs along the lines of "missing wrappers."

Schedule and Milestones

Describe the rough schedule here.

Unknown yet.

References

Links to external documents that could inform the design of the feature.