Security/Reviews/Firefox4/FileAPI Security Review: Difference between revisions

Jump to navigation Jump to search

Security/Reviews/Firefox4/FileAPI Security Review (view source)

Revision as of 23:12, 29 September 2010

149 bytes added ,  29 September 2010
no edit summary
(Created page with "== Overview == ''Describe the goals and objectives of the feature here.'' [http://dev.w3.org/2006/webapi/FileUpload/publish/FileAPI.html File API spec] ;Background links * feat...")
 
No edit summary
Line 4: Line 4:
[http://dev.w3.org/2006/webapi/FileUpload/publish/FileAPI.html File API spec]
[http://dev.w3.org/2006/webapi/FileUpload/publish/FileAPI.html File API spec]


;Background links
Allows getting a url for a file. When loading from the url, it loads from the contents of a file.
* feature-tracking bug links
* specs or design docs


== Security and Privacy ==
== Security and Privacy ==
* Is this feature a security feature?  If it is, what security issues is it intended to resolve?
* What potential security issues in your feature have you already considered and addressed?
* What potential security issues in your feature have you already considered and addressed?
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
 
URL has a origin and is subject so same origin checks. If origin A generates a url, then origin B can't load from it. Additionally, there is no way for B to get the url unless A explicitly hands it a copy.
 
There is currently a bug that allows origin B to "revoke" a url that origin A has generated. But only if it somehow manages to guess the url.
 
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
That UUIDs can't be guessed (though there are extra layers of security).
Possible bugs in how we get the origin for a given uri.
* How are transitions in/out of Private Browsing mode handled?
* How are transitions in/out of Private Browsing mode handled?
No effects. Maybe there should be?


== Exported APIs ==
== Exported APIs ==
* Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)
* Please provide a table of exported interfaces (APIs, ABIs, protocols, UI, etc.)
* Does it interoperate with a web service? How will it do so?
 
* Explain the significant file formats, names, syntax, and semantics.
url = window.createBlobURL(file);
* Are the externally visible interfaces documented clearly enough for a non-Mozilla developer to use them successfully?
window.revokeBlobURL(url);
 
* Does it change any existing interfaces?
* Does it change any existing interfaces?
nsIDOMWindow2


== Module interactions ==
== Module interactions ==
Sicking
Confirmed users
716

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/256990"

Navigation menu