سؤال

I am packing a NPAPI plugin into a Chrome extension.
My doubt here should I code-sign the NPAPI plugin or the Chrome extension?

هل كانت مفيدة؟

المحلول

Part of the process of making the package is that the zip file (this is what a crx is) is signed. See http://developer.chrome.com/extensions/crx.html for more details.

This should mean that the download you get from the store can be verified. It does not mean however that once installed that the contents on the disk have not been modified - crx's are unpacked once they are installed and once unpacked the user could manipulate them. So if you are concerned that the NPAPI could be tampered with once installed then you would have to look in to how to do that.

مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top