Browser security 编辑

An important aspect of developing code for any browser, including Firefox, as well as any Web-oriented project, is its security. These articles provide important guides and references to ensuring the code you write is secure, including both design recommendations and testing guidelines.

A Web PKI x509 certificate primer
X.509 (in this document referred as x509) is an ITU standard to describe certificates. This article provides an overview of what these are and how they work.
Exploitable crashes
This article will help you determine if a crash is exploitable, find crashes which are exploitable, and to fix exploitable crashes.
Handling Mozilla Security Bugs
This document describes how the new security organizational structure will work, and how security-related Mozilla bug reports will be handled.
Pinning violation reports
If a site makes use of key pinning, and your browser sees a certificate chain for that site which does not match the pin, Firefox will reject the connection and display an error page.
Secure Development Guidelines
The following content will likely see significant revision, though can be used as a reference for security best practices to follow when developing code for Mozilla.
Security and the jar protocol
This article discusses security concerns with the jar: protocol, which only Firefox has ever implemented for Web content.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:41 次

字数:2239

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文