Latest revision as of 23:25, 5 December 2012

Standing Agenda

Q4 Goals Recap
Review currently active (P1) features against their established milestones, identify any blockers - Security/Roadmap + Privacy/Roadmap
Review roadmap priorities to ensure they accurately reflect active projects and Mozilla's priorities
Suggest additions or changes to roadmaps
Detailed discussion of features or outstanding issues as time permits
Additional Items
Upcoming events, OOO/travel, etc.

Paul and Raymond are exploring the idea of using taint in the JS engine to detect DOM XSS
DOMinator is an existing addon that does this but only works in Firefox 4 - it's now a commercial tool
Performance not an issue because its something a user/developer would turn on while testing.

@@ Line 14: / Line 14: @@
 = Tainting - DOM XSS =
 * Paul and Raymond are exploring the idea of using taint in the JS engine to detect DOM XSS
-* DOMinator is an addon that does this but only works in Firefox 4 - it's now a
+* DOMinator is an existing addon that does this but only works in Firefox 4 - it's now a commercial tool
 * Performance not an issue because its something a user/developer would turn on while testing.
 = 2013 team strategy =
 * https://wiki.mozilla.org/SecurityEngineering/2013
 * feedback to Sid if you've got thoughts on this doc.