OpenF2 / F2

Redefining web integration for the financial services community
Apache License 2.0

ECMAScript 5 lockdown. #166

Open zackferraro opened 10 years ago

zackferraro commented 10 years ago

Protect App from other Apps Protect Container from Apps

I feel that there needs to be a security discussion for non-iframed F2 Apps, if only for the sake of satisfying corporate security watchdogs.

I'm experimenting with some ECMAScript5 tools (Object.defineProperty) to further lock down the F2 object from malicious apps. My goal is that everything that can be overridden should be overridden through the config method provided, and only the container would be able to use [the config method] with the container token, and locking down the native functions otherwise. We'll see how it turns out in testing.
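The lockdown pattern described in the comment above, as an added example that is not part of the original post or of F2's code: public methods are fixed with `Object.defineProperty`, and the only override path is a `config` method gated by the container token. The names `makeLockedFramework`, `reportError`, `formatError` and `tamperAttempts` are hypothetical.

```javascript
// Hypothetical stand-in for a shared framework object; these names are
// assumptions for illustration, not F2's real API.
function makeLockedFramework(containerToken) {
  'use strict';
  // Overridable hooks live in the closure, unreachable from the public object.
  var hooks = { formatError: function (msg) { return 'Error: ' + msg; } };
  var api = {};

  // Define a method that cannot be reassigned, redefined or deleted.
  function lock(name, fn) {
    Object.defineProperty(api, name, {
      value: fn, writable: false, configurable: false, enumerable: true
    });
  }

  // The single override path: only the container token holder may use it,
  // and only for hooks that already exist.
  lock('config', function (token, overrides) {
    if (token !== containerToken) { return false; }
    Object.keys(overrides).forEach(function (key) {
      var known = Object.prototype.hasOwnProperty.call(hooks, key);
      if (known && typeof overrides[key] === 'function') { hooks[key] = overrides[key]; }
    });
    return true;
  });
  lock('reportError', function (msg) { return hooks.formatError(String(msg)); });

  // Freezing also blocks adding new properties to the object.
  return Object.freeze(api);
}

// Runs the tampering an app sharing the page might attempt and records
// what each attempt produced (constructed inputs).
function tamperAttempts(api) {
  'use strict'; // strict mode turns silent write failures into TypeErrors
  var hijack = function () { return 'hijacked'; };
  var outcome = {};
  try { api.reportError = hijack; outcome.assign = 'allowed'; }
  catch (e) { outcome.assign = e.name; }
  try { Object.defineProperty(api, 'config', { value: hijack }); outcome.redefine = 'allowed'; }
  catch (e) { outcome.redefine = e.name; }
  outcome.badToken = api.config('guessed-token', { formatError: hijack });
  outcome.stillOriginal = api.reportError('x') === 'Error: x';
  return outcome;
}
```

This fixes only the object's own properties: shared built-ins such as `Object.keys` or `Array.prototype` stay writable unless they are frozen separately, and the token has to be kept out of any scope an app can reach.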

ilinkuo commented 10 years ago

+1