background.ts: make password longer
An excellent idea suggested by bovine3dom
SECURITY.md: change wording of "sandboxing firenvim" section
The discussion isn't ongoing anymore.
Explain persistent server mode in documentation
Make firenvim less secure
This commit removes a check ensuring that the `Origin` of a websocket
was that of the firenvim webextension which started neovim. This check
is removed because Mozilla decided to remove the `Origin` field of
websocket connections created from a webextension context (see
An alternative would have been to re-create this field with the
webRequest API. However, there are two blockers: this requires a new
permission (I learned from working on Tridactyl that Firefox is pretty
bad at updating extensions that require new permissions) and Chrome is
going to remove the webRequest API anyway.
Note that firenvim should still be secure for the following reasons:
- It binds itself to a random port
- It uses a 32-bit one-time password to make sure that the incoming
connection is made from the webextension that started neovim.
- Neovim kills itself immediately if the websocket connection can't be
Still, Firenvim is less secure because of this removal: theoretically
speaking, a malicious webpage could get lucky and discover the right
port and password combination. Before this removal, this wouldn't have
mattered as pages can't forge the Origin of their websockets.
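
Added example, not part of the commit message or of firenvim's code: a small handshake gate showing what the `Origin` check contributed when a page presents the correct password. The token carried in the request path, the function names, the fatal-on-failure behaviour and all sample values are assumptions made for illustration.

```javascript
// Added illustration; hypothetical names, not firenvim's implementation.
// Assumption: the one-time password arrives as the request path ("/<token>").

// Compare without stopping at the first mismatching character.
function constantTimeEqual(a, b) {
  let diff = a.length ^ b.length;
  const n = Math.max(a.length, b.length);
  for (let i = 0; i < n; i++) {
    diff |= (a.charCodeAt(i) || 0) ^ (b.charCodeAt(i) || 0);
  }
  return diff === 0;
}

// expectedOrigin === null models the server after the Origin check is removed.
function createGate(token, expectedOrigin) {
  let state = "waiting"; // waiting -> accepted | dead
  return {
    check(request) {
      if (state !== "waiting") return "refused"; // the gate is single use
      const presented = request.path.replace(/^\//, "");
      const tokenOk = constantTimeEqual(presented, token);
      const originOk =
        expectedOrigin === null || request.headers.origin === expectedOrigin;
      // Assumption: any failed handshake is fatal, so there is no second guess.
      state = tokenOk && originOk ? "accepted" : "dead";
      return state;
    },
  };
}

// Constructed sample values (not real firenvim tokens or extension ids).
const TOKEN = "c0ffee00"; // 32 bits written as hex
const EXT_ORIGIN = "moz-extension://constructed-id";
const luckyPage = { path: "/" + TOKEN, headers: { origin: "https://page.example" } };
const extension = { path: "/" + TOKEN, headers: { origin: EXT_ORIGIN } };
const wrongGuess = { path: "/deadbeef", headers: {} };

function runScenarios() {
  const withOrigin = createGate(TOKEN, EXT_ORIGIN);
  const withoutOrigin = createGate(TOKEN, null);
  const oneShot = createGate(TOKEN, null);
  return {
    pageWithOriginCheck: withOrigin.check(luckyPage),       // "dead"
    pageWithoutOriginCheck: withoutOrigin.check(luckyPage), // "accepted"
    firstWrongGuess: oneShot.check(wrongGuess),             // "dead"
    retryAfterFailure: oneShot.check(extension),            // "refused"
  };
}
```
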
SECURITY.md: Mention sandboxing discussion
Turn native messenger into a neovim plugin
This commit removes the rust component, as described in