canmove, Confirmed users
285
edits
Security/Features/Revamp Security Hooks: Difference between revisions
Security/Features/Revamp Security Hooks (view source)
Revision as of 04:28, 14 May 2014
, 14 May 2014no edit summary
No edit summary |
No edit summary |
||
| Line 19: | Line 19: | ||
Meta bug - https://bugzilla.mozilla.org/show_bug.cgi?id=1006868 | Meta bug - https://bugzilla.mozilla.org/show_bug.cgi?id=1006868 | ||
|Feature users and use cases=Motivations - | |||
* Enable new hooks to better handle redirects and response observing/filtering | |||
* Replace necko observer-service notifications with something more high-performance | |||
* Enable implementing CSP, local-network-CSRF-protection and https-everywhere to be implemented using standard necko hooks | |||
* Replace nsIContentPolicy with something e10s friendly | |||
* Replace nsIProtocolHandler with something e10s friendly | |||
* Remove ability/need for protocol handlers to implement custom nsIURIs and nsIChannels | |||
* Enable starting network requests directly from worker threads and other non-main-threads | |||
* Enable off-main-thread network requests to never hit the main thread unless JS-based addons which explicitly request it are installed | |||
* Make redirect handling simpler and more consistent | |||
* Get rid of nsIChannel.owner | |||
* Provide consistent observer hooks that work for all channel types, including file:, http:, chrome:, data: etc. This is useful for the devtools team. | |||
* Provide observer hooks with fewer edge cases, even when a request is loaded from cache. | |||
}} | }} | ||
{{FeatureInfo | {{FeatureInfo | ||