An important aspect of developing code for any browser, including Firefox, as well as any Web-oriented project, is its security. These articles provide important guides and references to ensuring the code you write is secure, including both design recommendations and testing guidelines.
- A Web PKI x509 certificate primer
- X.509 (in this document referred as x509) is an ITU standard to describe certificates. This article provides an overview of what these are and how they work.
- Exploitable crashes
- This article will help you determine if a crash is exploitable, find crashes which are exploitable, and to fix exploitable crashes.
- Pinning violation reports
- If a site makes use of key pinning, and your browser sees a certificate chain for that site which does not match the pin, Firefox will reject the connection and display an error page.
- Security and the jar protocol
- This article discusses security concerns with the
jar:protocol, which only Firefox has ever implemented for Web content.