cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Georgiev <mgeorg...@utexas.edu>
Subject Re: [Android] SecureToken/NoFrak feature addition
Date Fri, 31 Jan 2014 21:34:44 GMT
On Fri, Jan 31, 2014 at 3:27 PM, Andrew Grieve <agrieve@chromium.org> wrote:
> Why is loadUrl insecure? (hopefully something less horrible than
> addJsInterface pre JB... :P)

Think about the usecase where a benign website is framed by a
malicious one. Again, this is server side. The app developer can't
prevent it from happening. The framework developer must make sure that
all usecases are handled properly.

Mime
View raw message