Features/Platform/CSP Sandbox
From MozillaWiki
Please use "Edit with form" above to edit this page.
Status
| CSP Sandbox | |
| Stage | Development |
| Status | In progress |
| Release target | ` |
| Health | OK |
| Status note | Sandbox is currently part of the CSP 1.1 spec |
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | Devdatta Akhawe |
| Lead engineer | ` |
| Security lead | Daniel Veditz |
| Privacy lead | Sid Stamm |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | Tanvi Vyas, Devdatta Akhawe |
Open issues/risks
- need iframe sandbox (bug 341604) to land
Stage 1: Definition
1. Feature overview
2. Users & use cases
The CSP sandbox attribute is designed to allow sandboxing of content that cannot necessarily be wrapped in an iframe sandbox, or that can be accessed directly, avoiding any sandboxing that may be done by a containing iframe.
3. Dependencies
Requires the sandboxing infrastructure from https://wiki.mozilla.org/Features/Platform/Iframe_Sandbox
4. Requirements
Comply with the CSP spec's description of this feature
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
Feature details
| Priority | P3 |
| Rank | 999 |
| Theme / Goal | Security Leadership |
| Roadmap | Security |
| Secondary roadmap | Platform |
| Feature list | ` |
| Project | ` |
| Engineering team | Security |
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
