| ConditionEvaluator.sys.mjs |
Safe condition evaluator for JSON-based security policies.
Evaluates policy conditions against action and context.
|
7045 |
33 % |
| DecisionTypes.sys.mjs |
Type definitions and helpers for the Smart Window security layer.
Defines SecurityDecision, DenialCodes, and allow/deny helper functions.
|
6035 |
100 % |
| moz.build |
|
276 |
- |
| policies |
|
|
- |
| PolicyEvaluator.sys.mjs |
Evaluates JSON-based security policies using "first deny wins" strategy.
Delegates condition evaluation to ConditionEvaluator.
|
10200 |
71 % |
| SecurityLogger.sys.mjs |
Security audit logger for AI Window policy decisions.
Outputs logs for debugging and development.
## Viewing Logs
Logs appear in the Browser Console (Ctrl+Shift+J) and terminal.
To enable debug-level output:
./mach run --setpref browser.ml.logLevel=Debug
Then filter for "SecurityLogger".
For all security & ML/AI related messages filter for "[MLSecurity]".
|
2341 |
100 % |
| SecurityOrchestrator.sys.mjs |
Dev/emergency kill-switch for security enforcement.
When false, all security checks are bypassed and allow is returned.
Should remain true in production. Consider restricting to debug builds in follow-up.
|
15937 |
86 % |
| SecurityUtils.sys.mjs |
Security utilities for Firefox Smart Window security layer.
This module provides:
- URL normalization for consistent comparison
- eTLD+1 (effective top-level domain) validation
- TabLedger: Per-tab trusted URL storage
- SessionLedger: Container for all tab ledgers in a Smart Window session
Security Model:
---------------
- Each tab maintains its own ledger of trusted URLs
- Conversation-level URLs (from @mentions) are stored in the SessionLedger
and included in merges for both tool execution and link validation
- Request-scoped context merges current tab + @mentioned tabs + conversation URLs
- URLs are normalized before storage and comparison
- Same eTLD+1 validation prevents injection via canonical/og:url
|
13284 |
94 % |