Apps/Security: Difference between revisions

Jump to navigation Jump to search

Apps/Security (view source)

Revision as of 05:55, 14 August 2012

89 bytes added ,  14 August 2012
→‎Why create a "privileged" application type?
Line 74: Line 74:
* The app will have to be reviewed by the store. Including reviewing all of the code that makes up the app.
* The app will have to be reviewed by the store. Including reviewing all of the code that makes up the app.
* The app will be signed by the store to ensure that hacking the store website doesn't allow a hacker to install arbitrary content on users devices.
* The app will be signed by the store to ensure that hacking the store website doesn't allow a hacker to install arbitrary content on users devices.
* The app will use a CSP policy to harden the app itself against bugs which would allow an attacker to inject code into the app. This will also make reviewing the app easier.
* The app will use a [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html CSP] policy to harden the app itself against bugs which would allow an attacker to inject code into the app. This will also make reviewing the app easier.


==== Default CSP policy ====
==== Default CSP policy ====
Ladamski
Confirmed users
717

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/460659"

Navigation menu