SecurityEngineering/Roadmap: Difference between revisions

Line 63: Line 63:
|-
|-
! Item  
! Item  
! Status
! ETA
! Owner
! Owner
|-
|-
| [https://wiki.mozilla.org/NPAPI:Pepper2 Plugin sandboxing]<br>  
| [https://wiki.mozilla.org/NPAPI:Pepper2 Plugin sandboxing]<br>  
| not started
| &nbsp;?
| &nbsp;?
| &nbsp;?
|-
|-
| [https://groups.google.com/group/mozilla.dev.security/browse_thread/thread/f8afac1eef7cb4cd/b570280627c3dca8 Effective certificate revocation and management]<br>  
| [https://groups.google.com/group/mozilla.dev.security/browse_thread/thread/f8afac1eef7cb4cd/b570280627c3dca8 Effective certificate revocation and management]<br>  
| not started
| &nbsp;?
| &nbsp;?
| &nbsp;?
|-
|-
| [https://wiki.mozilla.org/Opt-in_activation_for_plugins Plugin runtime mitigations such as whitelist and/or click to ]<br>  
| [https://wiki.mozilla.org/Opt-in_activation_for_plugins Plugin runtime mitigations such as whitelist and/or click to ]<br>  
| not started
| Justin Dolske
| &nbsp;?
| &nbsp; Justin Dolske
|-
|-
| javascript: and data: handling in URL bar and chrome  
| javascript: and data: handling in URL bar and chrome  
| <br>
| <br>
| <br>
| <br>
|-
|-
| DLL&nbsp;whitelisting by name or signature<br>  
| DLL&nbsp;whitelisting by name or signature<br>  
| not started<br>
| &nbsp;?<br>
| &nbsp;?<br>
| &nbsp;?<br>
|-
|-
| Track "Application Reputation"<br>  
| Track "Application Reputation"<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Prune dead and dying code<br>  
| Prune dead and dying code<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Malloc should be infallible<br>  
| Malloc should be infallible<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| TLS&nbsp;1.2 support<br>  
| TLS&nbsp;1.2 support<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Eviltraps meta-bug (prevents users from leaving a page)<br>  
| Eviltraps meta-bug (prevents users from leaving a page)<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Notify user of malware in their crash signatures<br>  
| Notify user of malware in their crash signatures<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Expose HSTS&nbsp;and other security browser state to plugins (NPAPI)<br>  
| Expose HSTS&nbsp;and other security browser state to plugins (NPAPI)<br>  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Ignore autocomplete="off" for password fields
| Ignore autocomplete="off" for password fields
| <br>
| <br>
| <br>
| <br>
|-
|-
| UX security experiment  
| UX security experiment  
| not started
| &nbsp;?
| &nbsp;?
| &nbsp;?
|-
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=663566 Content Security Policy revisions]
| [https://bugzilla.mozilla.org/show_bug.cgi?id=663566 Content Security Policy revisions]
| In progress
| ?
| Brandon Sterne
| Brandon Sterne
|-
|-
| CSRF&nbsp;mitigations  
| CSRF&nbsp;mitigations  
| <br>
| <br>
| <br>
| <br>
|-
|-
| Clickjacking mitigations  
| Clickjacking mitigations  
|
|
|  
|  
|-
|-
| X-Content-Type-Options  
| X-Content-Type-Options  
|
|
|  
|  
|-
|-
| toStaticHTML  
| toStaticHTML  
|
|
|  
|  
|}
|}
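Review bot: in the "Plugin runtime mitigations" row, "Justin Dolske" appears both in the cell paired with "not started" and in the owner cell, so with the header changing between "Status" and "ETA" an owner name seems to have landed in the second column; that cell should hold a status or date value, or "?". The same header change pairs "not started" and "In progress" with "?" in the Plugin sandboxing, certificate revocation and Content Security Policy rows, which reads as the status information being dropped in favour of an empty ETA; keeping "Status" and adding "ETA" as a separate column would preserve it. The link label in the plugin mitigations row also ends at "click to ", which looks cut off on both sides of the diff.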