SecurityEngineering/2015/Q2Goals: Difference between revisions
Jump to navigation
Jump to search
(→Content Security: Removing items from last Q.) |
(→Privacy/Tracking Protection: Updating referrer entry) |
||
Line 12: | Line 12: | ||
== Privacy/Tracking Protection == | == Privacy/Tracking Protection == | ||
* {{new|Provide Platform support for tracking protection}} (dri=francois) | * {{new|Provide Platform support for tracking protection}} (dri=francois) | ||
* {{ | * {{new|Referrer: Default referrer and referrer overrides.}} (dri=sworkman/sid) | ||
== Addon Security == | == Addon Security == |
Revision as of 16:35, 3 April 2015
Content Security
- [NEW] Implement insecure password warnings for Firefox DevTools. (dri=tanvi)
- [NEW] Finalize and then implement HTTP/HTTPS policy for password manager. (dri=tanvi)
- [NEW] Set appropriate loadingPrincipal and triggeringPrincipal in docshell. (dri=tanvi)
- [NEW] REVAMP: Add AsyncOpen2 to nsIChannel and start moving security checks. (dri=ckerschb)
- [NEW] CSP: Implement CSP directive: upgrade if insecure. (dri=ckerschb)
- [NEW] Support for "potentially unwanted software" URLs in Safe Browsing (dri=francois)
Privacy/Tracking Protection
- [NEW] Provide Platform support for tracking protection (dri=francois)
- [NEW] Referrer: Default referrer and referrer overrides. (dri=sworkman/sid)
Addon Security
- Mechanism for enforcing signed-by-AMO addons.
Communications Security
- [ON TRACK] OneCRL based on (subject, public key) (dri=mgoodwin)
Security QE
- [NEW] Password Manager (dri=kamil)
- [NEW] meta referrer (dri=kamil)
- [NEW] Safe browsing (dri=mwobensmith)
- Run existing tests and update as needed
- Execute test coverage with multiple blocklists
- [NEW] Tracking protection (dri=mwobensmith)
- Test and help ship feature
- Test plan and relevent test cases/automation
- Community test involvement