例如,当我安装一个附加组件并重新启动 Firefox 时,它应该接受密码(仅在第一次安装时)。而当用户想要禁用或删除插件时,它只会在输入相同的密码时才符合?代码将保存在哪个部分?
问问题
1341 次
1 回答
1
You cannot. Even if you disable add-on uninstall - the user can always close the browser and remove the extension manually (removing the directory on disk will do).
That said, the secure way of storing passwords is the login manager. They will be stored encrypted on disk if the user defines a master password. Of course, the user himself can always see the stored passwords (under Options / Security / Saved Passwords). So you probably want to store a salted hash of the password rather than the password itself.
You can also use AddonManager.addAddonListener() to get notified whenever an add-on is being disabled or uninstalled. You can cancel the action by calling addon.cancelUninstall() or setting addon.userDisabled = false.
The above is merely for reference - it won't really help you achieve your goal.
于 2012-05-08T12:21:10.763 回答