Labs/Jetpack/Binary Components: Difference between revisions

Jump to navigation Jump to search

Labs/Jetpack/Binary Components (view source)

Revision as of 21:22, 28 July 2009

117 bytes added ,  28 July 2009
→‎Security Concerns: added more notes
(added security notes)
(→‎Security Concerns: added more notes)
Line 23: Line 23:


# The membrane methods have a tendency to get called very frequently, and as a result, implementing them in JavaScript is likely to not be efficient.
# The membrane methods have a tendency to get called very frequently, and as a result, implementing them in JavaScript is likely to not be efficient.
# JavaScript is an inherently dynamic language, and it's very hard to predict what all the possible outcomes of JavaScript code for a membrane might be.  Because of this, it's hard to code review a Flexible Membrane for security vulnerabilities.
# JavaScript is an inherently dynamic language, and it's very hard to predict what all the possible outcomes of JavaScript code for a membrane might be&mdash;especially when the membrane's script is in the same <code>JSRuntime</code> as the code it's trying to protect.  Because of this, it's hard to code review a Flexible Membrane for security vulnerabilities.


Because of these concerns, it's advised that any flexible membranes be re-written in C++ before being reviewed for security and placed in production code.
Because of these concerns, it's advised that any flexible membranes be re-written in C++ before being reviewed for security and placed in production code.
Avarma
93

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/158223"

Navigation menu