I believe both the Android Intent solution and the Google/Mozilla/Microsoft take on native messaging are vulnerable to phishing attacks which has bearing on authentication solutions. That is, the unavailability of a security context to the called application represents a problem including the possibility simply lying to the end-user.
_______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
