canmove, Confirmed users
1,537
edits
Privacy/Reviews/F1A: Difference between revisions
→Clearing Private Data
Mixedpuppy (talk | contribs) |
|||
| Line 404: | Line 404: | ||
''The Risk'' is that, while the user may think he is "resetting" credentials stored in his browser, this may not be the case if the 3rd party webapps don't store data in the right place or erase it at the right time. | ''The Risk'' is that, while the user may think he is "resetting" credentials stored in his browser, this may not be the case if the 3rd party webapps don't store data in the right place or erase it at the right time. | ||
''Requirement:'' when stored passwords in the browser are cleared, the webapps should delete passwords. Oauth tokens should be deleted when users clear | ''Requirement:'' when stored passwords in the browser are cleared, the webapps should delete passwords. Oauth tokens should be deleted when users clear "active logins". Contacts and other account data should be erased when the user clears localstorage. | ||
''Recommendation:'' if a user has not set up Firefox to remember passwords, no passwords should be stored in localstorage by the share add-on or its webapp components (they can be retained in memory, but lost when Firefox is closed). | ''Recommendation:'' if a user has not set up Firefox to remember passwords, no passwords should be stored in localstorage by the share add-on or its webapp components (they can be retained in memory, but lost when Firefox is closed). | ||
{{ResolutionBox|{{oauth tokens are stored in localStorage and are cleared | {{ResolutionBox|{{ok|oauth tokens are stored in localStorage and are cleared when users click logout or clear browser's localStorage. Oauth tokens should be purged when users clear "active logins".}}}} | ||
== Browsing History == | == Browsing History == | ||