1
edit
Firefox/Feature Brainstorming:Security: Difference between revisions
Jump to navigation
Jump to search
Firefox/Feature Brainstorming:Security (view source)
Revision as of 15:47, 13 February 2007
, 13 February 2007no edit summary
No edit summary |
No edit summary |
||
| Line 3: | Line 3: | ||
<tr><th>Specific features</th> | <tr><th>Specific features</th> | ||
<th width="30%">References</th></tr> | <th width="30%">References</th></tr> | ||
<tr><td> | |||
; Bookmarklets | |||
* Use of Javascript bookmarks should be denied if the user attempts to use them while the browser has established a secure https connection (to prevent malicious javascript injections). | |||
**As of 2.0.0.1 Firefox allows javascript bookmarks to attach external, third-party, scripts to the page during a secure connection without any warning creating a gaping security hole. | |||
* The user should be warned when attempting to bookmark javascript code. | |||
* The user should be warned (with disable future notices) when using javascript bookmark code which attempts to attach external scripts to the document. | |||
</td><td> | |||
n/a | |||
</td></tr> | |||
<tr><td> | <tr><td> | ||
; An additional strategy for whitelisting | ; An additional strategy for whitelisting | ||