Changes

Jump to: navigation, search

Labs/Ubiquity/0.2 Design: UI and Security Extensibility

842 bytes added, 22:19, 16 December 2008
Added more info on feed plugins
Requirement (1) will provide Feed Plugins with the freedom to implement whatever security model they need, while requirements (2) and (3) will give them the ability to present that model to the end-user in an understandable way.
Other possibilities Ubiquity 0.2 will contain one built-in Feed Plugin called the '''Default Command Feed Plugin'''. This plugin encapsulates Ubiquity 0.1's implementation for command feeds, which assumes that all subscribed-to command feeds are trusted and gives them full control over the end-user's system; it also warns the user when they attempt to subscribe to a feed that's served by an untrusted host or is sent over an insecure connection. The aim of 0.2 is to provide the infrastructure and tools for new, more secure Feed Plugins include:to arise that will eventually replace the default.
Possibilities for Feed Plugins include: * Plugins can be created that execute code in a sandbox with a limited codebase principal and mediate the exchange of data between it and the rest of Firefox to minimize the adverse effects of a malicious feed. See [http://www.toolness.com/wp/?p=356 A Security Model for Ubiquity] for more details. * Plugins that unify Ubiquity's UI with other pre-existing forms of web extensibility, like Bookmarklets and Greasemonkey scripts.
* It should also be possible for one Feed Plugin to wrap another, creating possibilities for middleware. For instance, a social web-of-trust style model could be layered on top of an object capabilities model, thus providing multiple layers of protection for end-users.
Varmaa
874
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/121079"

Navigation menu