BillWalker (talk | contribs) No edit summary
* They use a minimum CSP policy in all pages in the app. This is to ensure that the app doesn't get hacked using XSS attacks, i.e. we want to ensure that only the app developer's code runs, and not an attacker's code. Obviously this will never be perfect, but it will hopefully help a lot.
* The resources in a trusted app should use a different "cookie jar" than resources from the developer's website. This is so that the trusted app can rely on the data it stores in cookies, indexedDB, etc. not being compromised, i.e. it further guards against hacking a trusted app by hacking the developer's website and overwriting data which the trusted app relies on, making it behave in ways it otherwise wouldn't.
* The resources in a trusted app should not be "same origin" with any resources other than ones from the same trusted app. I.e. if a trusted app creates an <iframe> pointing to the developer's website, JavaScript running inside the iframe shouldn't be able to reach out and touch the objects in the trusted app. Otherwise it would be significantly easier to hack a trusted app by hacking any of the websites that it opens in <iframe>s.
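
The first requirement above can be checked mechanically. The following is an added example, not code from this wiki or the project: it audits each page's Content-Security-Policy header against an assumed baseline (scripts only from the app itself); the function names, the baseline and the sample pages are all hypothetical.

```javascript
// Added example. The baseline is an assumption, not the project's actual minimum policy.
// Script sources that would let code other than the app's own run.
const FORBIDDEN = ["*", "'unsafe-inline'", "'unsafe-eval'", "data:", "blob:", "http:", "https:"];

// Parse a CSP header value into a Map of directive name -> source list.
function parseCsp(header) {
  const policy = new Map();
  for (const part of String(header || "").split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // Only the first occurrence of a directive counts; later duplicates are ignored.
    if (name && !policy.has(name.toLowerCase())) policy.set(name.toLowerCase(), sources);
  }
  return policy;
}

// Return a list of reasons why this policy fails to restrict scripts to the app.
function scriptPolicyProblems(header) {
  const policy = parseCsp(header);
  // script-src falls back to default-src when it is absent.
  const sources = policy.get("script-src") ?? policy.get("default-src");
  if (sources === undefined) return ["no script-src or default-src: scripts are unrestricted"];
  const problems = [];
  for (const src of sources) {
    const s = src.toLowerCase();
    if (FORBIDDEN.includes(s)) problems.push(`script source ${src} allows non-app code`);
    else if (s.includes("*")) problems.push(`wildcard host ${src} is too broad`);
  }
  return problems;
}

// pages: object mapping page path -> CSP header value (or "" when none is sent).
function auditApp(pages) {
  const failures = {};
  for (const [path, header] of Object.entries(pages)) {
    const problems = scriptPolicyProblems(header);
    if (problems.length > 0) failures[path] = problems;
  }
  return failures;
}

// Constructed sample input, not taken from a real app.
const SAMPLE_PAGES = {
  "/index.html": "default-src 'self'; object-src 'none'",
  "/settings.html": "default-src 'self'; script-src 'self' 'unsafe-inline'",
  "/help.html": "img-src 'self'",
  "/about.html": "default-src *; script-src 'self'",
};
console.log(auditApp(SAMPLE_PAGES));
```

A page fails as soon as one directive widens script execution, which matches the "all pages" wording of the requirement: a single weak page is enough for injected script to run inside the app.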
= Delivering Trusted Apps =