diff options
author | Simon Hausmann <simon.hausmann@qt.io> | 2018-10-26 13:05:00 +0200 |
---|---|---|
committer | Jani Heikkinen <jani.heikkinen@qt.io> | 2018-10-30 09:39:31 +0000 |
commit | b190d0d160e1cf5bbe65f8ff54752e8a7d33b49b (patch) | |
tree | bd577be76e2223c4e809909b143c15eee38aed71 | |
parent | 75132505ab7eba08f4c82aced31143960d4773a7 (diff) |
Add a brief section about security of JavaScript with Qt
Emphasize that the model is the same as with C++ (or QML for that
matter), in the sense that only trusted code should be evaluated.
Change-Id: Idd377af76ac7ebeb9f92a9ccc359c612f73e8bef
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
Reviewed-by: Mitch Curtis <mitch.curtis@qt.io>
-rw-r--r-- | src/qml/doc/src/javascript/qtjavascript.qdoc | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/qml/doc/src/javascript/qtjavascript.qdoc b/src/qml/doc/src/javascript/qtjavascript.qdoc index d55e87a14d..ad93d9d9ac 100644 --- a/src/qml/doc/src/javascript/qtjavascript.qdoc +++ b/src/qml/doc/src/javascript/qtjavascript.qdoc @@ -90,4 +90,16 @@ underlying C++ object. Note that the name of the script variable can be anything; i.e., it is not dependent upon QObject::objectName(). + \section1 Implications for Application Security + + The security model of application scripting with JavaScript follows + the same model as for C++ code: the user installs scripts to run + that they trust in the same way as they install Qt applications. + + In order to preserve the trust of users, application developers should + not evaluate arbitrary JavaScript code. The JavaScript engine's sandbox is + only a semantic barrier. The script is evaluated in the same process and + with the same privileges as the rest of the application and shares the + same memory. As a consequence, C++ objects exposed to scripts are + accessible without additional security guards. */ |