Firefox extension development tutorial : security

Evaluating Code with Restricted Privileges
This article describes the use of Components.utils.evalInSandbox, which is a way to evaluate code "such as remote code" without chrome privileges.

Creating Sandboxed HTTP Connections
This article explains how to created sandboxed HTTP connections which don't affect the user's cookies.

Displaying Web Content in an Extension
Learn how to display web content in an extension without security issues.

Five Wrong Reasons to Use eval in an Extension
In this blog post, Wladimir Palant gives five wrong ways to evaluate code in an extension.

Get paid to share your links!

Tweet