Security/Reviews/Firefox4/Doorhanger Security Review
From MozillaWiki
Overview
- main bug: bug 398776
- API is based on the notificationbox API (notification bars)
- current consumers:
- IndexedDB bug 591516
- Special timeout behavior bug 595253
- Geolocation (added in main bug bug 398776
- Addons installation status/confirmation
- Custom binding for status bug 570012
- Lightweight theme installation
- Password manager (Remembering Password? question only)
- IndexedDB bug 591516
Threats
- Spoofing?
- Overlap with chrome (anchored to location bar in common case, tab itself in other cases). Possible issue with tabs on bottom.
Topics To Discuss During The Review
Please be prepared to discuss the topics listed at ReviewTopics as they relate to your feature / project. Optionally, you may copy the most relevant questions here and answer them before the review, which could speed up the review meeting.
