Security/Reviews/B2G/Contacts

From MozillaWiki

< Security‎ | Reviews‎ | B2G

Jump to: navigation, search

Contents

1 Gecko API Review Details
2 Overview
3 Architecture
4 Code Review Notes
5 Security Risks & Mitigating Controls
6 Actions & Recommendations

Gecko API Review Details

API: Contacts API
Review Date: August 15 2013
Review Lead: Paul Theriault

Overview

API is documented on mdn

Architecture

Components

Relevant Source Code

Permission Model

Parent/Child Communication

Code Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Reviews/B2G/Contacts&oldid=694795"

SecReview