Security Q&A

The following questions are related to implementing security protocols in TV applications.

To transmit encrypted information between Web browsers and Web servers, Samsung Smart TVs support TLS (Transport Layer Security) versions 1.0, 1.1, and 1.2.

A TV firmware upgrade can be required to patch the POODLE attack vulnerability. Consequently, SSL (Secure Sockets Layer) is no longer supported.

TV
HTV
#tls
#ssl

Since 2017 models, the Web Cryptography API is supported on Samsung Smart TVs.

TV
HTV
#web cryptography api

The Cross-Origin Resource Sharing (CORS) "Origin" request header is not supported on Samsung Smart TVs.

TV
HTV
#cors
#header error

SNI certificates for TLS are supported on Samsung Smart TVs since 2017 models.

TV
HTV
#server name indication

Yes. Smart TVs support handling JSON feeds through HTTPS.

TV
HTV
#json
#https

Make sure the TV Web engine supports the child-src directive, which was introduced in the Content Security Policy Level 2 (CSP2) specification. CSP2 is supported on Samsung TVs since 2017 models.

TV
HTV
#content security policy
#child src error