canmove, Confirmed users
737
edits
Jetpack/FAQ: Difference between revisions
Jump to navigation
Jump to search
→Interacting With the Web
| Line 141: | Line 141: | ||
<strong>Security</strong> | <strong>Security</strong> | ||
Code that interacts directly with web content is more likely to become compromised by malicious web pages. If this code is given access to powerful APIs, then a malicious web page can do much more damage, including access to the user's local file system and cross-domain network requests. See [http://blog.mozilla.com/addons/2011/10/14/security-mechanisms-in-the-add-on-sdk/ this blog post on the SDK's security mechanisms], and this [http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-185.html study on browser extension security]. | Code that interacts directly with web content is more likely to become compromised by malicious web pages. If this code is given access to powerful APIs, then a malicious web page can do much more damage, including access to the user's local file system and cross-domain network requests. See [http://blog.mozilla.com/addons/2011/10/14/security-mechanisms-in-the-add-on-sdk/ this blog post on the SDK's security mechanisms], and this [http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-185.html study on browser extension security]. | ||
<strong>Multi-process support</strong> | <strong>Multi-process support</strong> | ||
The Mozilla platform intended to move towards a model in which it uses separate processes to display the UI, handle web content, and execute add-ons. This is expected to improve the responsiveness of the UI, application stability, and performance, especially on multi-core machines. | The Mozilla platform intended to move towards a model in which it uses separate processes to display the UI, handle web content, and execute add-ons. This is expected to improve the responsiveness of the UI, application stability, and performance, especially on multi-core machines. | ||