Brief purpose of API: Notify an app if the user is idle.
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program).
- Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion
- Privacy implications
- Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy
- Could be used by a workplace to monitor activity by monitoring system idle
Threat severity: Low
|Type||Use Cases||Authorization Model|
|Web Content||None||No access|
|Installed Web Apps||None||No access|
|Privileged Web Apps||None||No access|
|Certified Web Apps||Notify an app if the user is idle.||Implicit|