Security/Reviews/Firefox4/Cascade Session Restore Security Review
Security Review Pre-Work
Please fill out the short section below prior to the review, and make sure you contact email@example.com to schedule your actual review.
The goal here was to make the browser more responsive while performing a session restore. We did this by only allowing a few tabs to be loading at a time (after some quick experimentation to determine this would in fact work).
- Background links
Please list the top 3 security threats you have considered during the design and implementation of this feature. Consider attack points as well as code that feels fragile.
Nothing I can think of. We're hanging information we need from each <xul:browser> but not exposing any more information than is otherwise available.
What mitigations have you implemented?
Topics To Discuss During The Review
- Does the feature cache or store data that could strengthen super-cookies?
No more than session restore does otherwise. Nothing particular to this feature.
- How are transitions in/out of Private Browsing mode handled?
Transitions also cascade. However, transitioning into PB mode doesn't need to cascade (only 1 tab), so we don't need to hang any data on the tab. Since we didn't hang any data on the tab while in PB mode, there's nothing special that needs to be done transitioning out.
- How is "Clear Recent History" handled?
For tabs that hadn't been properly restored yet, we delete the data we were hanging off each tab and remove the listeners we added.
Notes and bug numbers will be recorded here. Let's try not to spend too much time on any one topic during the meeting.