adamsplugins at gmail.com
Mon Mar 13 09:48:11 EST 2006
On 13/03/06, Nickolay Ponomarev <asqueella at gmail.com> wrote:
> > >> Do you care/need to know if the data is maliciously changed to include
> > >> new functions that will now run inside chrome in your extension?
> > >
> > > No.
> I thought about before deciding to use toSource/eval, and decided that
> I don't care about this problem.
I agree that if values are stored in preferences, there is not
additional risk. From Eric's initial description I wasn't sure that
the storage was local (or was going to remain local at least). e.g.
can I export the settings and send them to a friend/post them in a
But in general, people don't think about security as much as they should...
On that note, is there a generic library I could use to [un]serialize
More information about the Project_owners