Hi All,
In term of security, is it possible that any plugin that we buy in marketplace possibly contain a bad code to collect our data and send to third party.
If so, any prevention for this kind of thing?
Thanks,
Chandara
Hidden bad code in plugin
MVP
Desarrollador Certificado
- 792
- 7210
- 29/4/2021
- Bangladesh
MK_Mick wrote:
possibility is very low. any organization will not ruined their reputation. but if any confusion you can find out by inspecting network call.
Hi All,
In term of security, is it possible that any plugin that we buy in marketplace possibly contain a bad code to collect our data and send to third party.
If so, any prevention for this kind of thing?
Thanks,
Chandara
In term of security, is it possible that any plugin that we buy in marketplace possibly contain a bad code to collect our data and send to third party.
If so, any prevention for this kind of thing?
Thanks,
Chandara
possibility is very low. any organization will not ruined their reputation. but if any confusion you can find out by inspecting network call.
MVP
Desarrollador Certificado
- 792
- 7210
- 29/4/2021
- Bangladesh
Or for more deep inspacting Fiddler is the parfect tool to check network call. https://www.telerik.com/fiddler
MVP
- 11337
- 101097
- 22/5/2011
- United States
For a plugin to be accepted by the Marketplace, the vendor must submit their source code as per the guidelines:
https://www.nopcommerce.com/en/submitting-plugins-to-nopcommerce-marketplace.
I don't know how they "analyze" for security issues. Maybe the team can provide more information.
https://www.nopcommerce.com/en/submitting-plugins-to-nopcommerce-marketplace.
I don't know how they "analyze" for security issues. Maybe the team can provide more information.
- 132
- 818
- 29/4/2014
- Cambodia
rk.menon wrote:
Thank you, RK.
Thanks,
Mick
Or for more deep inspacting Fiddler is the parfect tool to check network call. https://www.telerik.com/fiddler
Thank you, RK.
Thanks,
Mick
- 132
- 818
- 29/4/2014
- Cambodia
New York wrote:
Thank you, New Work.
Have read guideline and no more doubt on this one.
Thanks,
Mick
For a plugin to be accepted by the Marketplace, the vendor must submit their source code as per the guidelines:
https://www.nopcommerce.com/en/submitting-plugins-to-nopcommerce-marketplace.
I don't know how they "analyze" for security issues. Maybe the team can provide more information.
https://www.nopcommerce.com/en/submitting-plugins-to-nopcommerce-marketplace.
I don't know how they "analyze" for security issues. Maybe the team can provide more information.
Thank you, New Work.
Have read guideline and no more doubt on this one.
Thanks,
Mick