Security/Features: Difference between revisions

← Older edit

Security/Features (view source)

Revision as of 18:43, 10 January 2014

1,167 bytes added , 10 January 2014

no edit summary

Curtisk

canmove, Confirmed users, Bureaucrats and Sysops emeriti

2,776

edits

@@ Line 1: / Line 1: @@
-This page lists the security features under development and our plans for deployment.
+{{warning|This page is no longer maintained.  Please see [[SecurityEngineering/Roadmap]] for current projects}}
+This page once listed the security features under development and our plans for deployment.
 = Status Overview =
@@ Line 35: / Line 37: @@
 <td style='background-color:#cfc;'> Done (Q2 2009)</td>
 <td style='background-color:#ffc;'> In Progress</td>
-<td style='background-color:#ffc;'> In Progress</td>
+<td style='background-color:#ffc;'> [http://tools.ietf.org/html/draft-hodges-strict-transport-sec In Progress]</td>
-<td style='background-color:#cfc;'> Done (6/2009)</td>
+<td style='background-color:#cfc;'> Done (8/2010)</td>
-<td style='background-color:#ffc;'> In Progress</td>
+<td style='background-color:#cfc;'> [http://hg.mozilla.org/mozilla-central/rev/5dc3c2d2dd4f Done] (8/2009)</td>
 <td style='background-color:#cfc;'> 4.0 </td>
 </tr>
@@ Line 58: / Line 60: @@
 <td style='background-color:#cfc;'> 4.0 </td>
 </tr>
+<tr>
+<td style='background-color:;'> [[Security/Features/Content Hashing|Content Hashing]]</td>
+<td style='background-color:#ffc;'> in progress</td>
+<td style='background-color:#ffc;'> in progress </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> ? </td>
+</tr>
+<tr>
+<td style='background-color:;'> [[Security/Features/XSS Filter|XSS Filter]]</td>
+<td style='background-color:#ffc;'> in progress</td>
+<td style='background-color:#ffc;'> in progress </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> ? </td>
+</tr>
 </table>
 = Projects =
 This is intended to summarize the status and basic goals of each project, and not serve as an ultimate authority on each of the features.
+SEE ALSO: [[Privacy/Features/]]
 == Origin Header / Sec-From ==
 Beginning as an [[Security/Origin]] header that aimed to prevent clickjacking as well as CSRF and JSON data theft, this feature has evolved into [[Security/Sec-From]] that will not prevent clickjacking, but can be compatible with various other specifications for similar HTTP request headers.
@@ Line 196: / Line 220: @@
 Tasks:
-* {{ok|IETF?}}
+* {{ok|[http://tools.ietf.org/html/draft-hodges-strict-transport-sec IETF]}}
-* {{ok|W3C?}}  (Currently submitted here by Paypal)
+* <s>{{ok|W3C?}}  (Currently submitted here by Paypal)</s>
 '''Prototype''': Done.  (6/2009)
@@ Line 208: / Line 232: @@
 * {{done|submit to AMO for screening and public dissemination}}
-'''Implementation''': In Progress.  ETA: Q2 2010
+'''Implementation''': Done.  (8/2010)
 Tasks:
 * {{done|convert prototype to C++}} -- partially in JS, see {{bug|495115}}
 * {{done|pick optimal location to scan for header}}
-* {{ok|write unit tests}}
+* {{done|write unit tests}}
-* {{ok|land on trunk}}
+* {{done|[http://hg.mozilla.org/mozilla-central/rev/5dc3c2d2dd4f land] on trunk}}
 == Process Isolation ==