Confirm
529
edits
Changes
no edit summary
* For more information about potential pitfalls see the [OWASP Session Management Cheet Sheet](https://www.owasp.org/index.php/Session_Management_Cheat_Sheet)
* [ ] Access Control should be via existing and well regarded frameworks. If you really do need to roll your own then contact the security team for a design and implementation review.
* [ ] If you are building a core Firefox service, consider adding it to the list of restricted domains in the preference `extensions.webextensions.restrictedDomains`. This will prevent a malicious extension from being able to steal sensitive information from it, see [bug 1415644](https://bugzilla.mozilla.org/show_bug.cgi?id=1415644).
Databases
