Firefox/Projects/AccountManager/SecurityReview: Difference between revisions

Line 45: Line 45:


== Exported APIs ==
== Exported APIs ==
* Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)
* ''Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)''
** Various javascript modules into resource://gre/modules/accountmanager
** '''service.jsm''' API for getting realms from the UI
** '''profiles.jsm''' provide a way to register new account types
*** Also provides abstract parent classes for profiles to implement
*** savedAccountCount, savedAccounts, createAccount, connect, disconnect
** base.jsm parent class sharing helper functions
** cache.jsm simple fifo cache
** hostmeta.jsm fetch and cache host metas for sites
** linkHeaderParser.jsm parse Link headers
** realms.jsm fetch and cache amcd for sites
** statusParser.jsm parse account status headers
** userPassFormProfile.jsm handle username/password accounts (server and local)


* Does it interoperate with a web service? How will it do so?
Various javascript modules into resource://gre/modules/accountmanager
** Interacts with websites that provide AMCD and status headers
* '''service.jsm''' API for getting realms from the UI
* '''profiles.jsm''' provide a way to register new account types
** Also provides abstract parent classes for profiles to implement
** savedAccountCount, savedAccounts, createAccount, connect, disconnect
* base.jsm parent class sharing helper functions
* cache.jsm simple fifo cache
* hostmeta.jsm fetch and cache host metas for sites
* linkHeaderParser.jsm parse Link headers
* realms.jsm fetch and cache amcd for sites
* statusParser.jsm parse account status headers
* userPassFormProfile.jsm handle username/password accounts (server and local)


* Explain the significant file formats, names, syntax, and semantics.
* ''Does it interoperate with a web service? How will it do so?''
** AMCD describes to the browser how to connect/disconnect/get status and how to respond on success/failure, e.g., load a url
** AMCD is a JSON file described in the spec
** HTTP X-Account-Management-Status: Status headers are comma and semicolon separated values describing each account and parsed with a custom parser
** HTTP Link: <uri>; rel="acct-mgmt": Link headers are defined with [https://datatracker.ietf.org/doc/draft-nottingham-http-link-header/ Web Linking standard] and parsed with a custom parser


* Are the externally visible interfaces documented clearly enough for a non-Mozilla developer to use them successfully?
Interacts with websites that provide AMCD and status headers, but not with any particular web service
** For website-facing changes, documentation is in the spec and blog examples
** For Firefox add-on facing api, not so much except existing code as a template, but we're not heavily pushing this yet


* Does it change any existing interfaces?
* ''Explain the significant file formats, names, syntax, and semantics.''
** No, but additional columns are added to the Password Manager database
 
AMCD describes to the browser how to connect/disconnect/get status and how to respond on success/failure, e.g., load a url
* AMCD is a JSON file described in the spec
 
HTTP X-Account-Management-Status: Status headers are comma and semicolon separated values describing each account and parsed with a custom parser
 
HTTP Link: <uri>; rel="acct-mgmt": Link headers are defined with [https://datatracker.ietf.org/doc/draft-nottingham-http-link-header/ Web Linking standard] and parsed with a custom parser
 
* ''Are the externally visible interfaces documented clearly enough for a non-Mozilla developer to use them successfully?''
 
For website-facing changes, documentation is in the spec and blog examples.
For Firefox add-on facing api, not so much except existing code as a template, but we're not heavily pushing this yet.
 
* ''Does it change any existing interfaces?''
 
No, but additional columns are added to the Password Manager database


== Module interactions ==
== Module interactions ==
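Review bot: In the rewritten answer to "Explain the significant file formats, names, syntax, and semantics", the X-Account-Management-Status and Link headers are still described only as "parsed with a custom parser", with no grammar and no statement of what the parser does with malformed values. Both headers come from the websites the feature interacts with, so for a security review this entry should point to the header grammar in the spec and say how statusParser.jsm and linkHeaderParser.jsm reject or ignore input that does not match it. As a style point, the new revision moves each answer out of the list into free text between the italic question bullets, and the two sentences under "Are the externally visible interfaces documented clearly enough" now sit on adjacent lines that the wiki will join into one paragraph; keeping the answers as "**" sub-items under the italicised questions would preserve the question-to-answer association.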