: Etherpad users! We are developing an extension that will allow you to create pages from etherpads quickly and easily. Please visit our sandbox and help us test it.


From MozillaWiki
Jump to: navigation, search

Name of API: WebUSB API


Brief purpose of API: Allow core (certified) apps to interact directly with USB devices General Use Cases:

Inherent threats:

  • Theft of sensitive data
  • Device compromise (mounting of device USB filesystem)

Threat severity: Critical

Regular web content (unauthenticated)

Use cases for unauthenticated code: None

Authorization model for normal content: None

Authorization model for installed content: None

Potential mitigations: N/A

Trusted (authenticated by publisher)

Same as for installed unauthenticated app

Certified (vouched for by trusted 3rd party)

Use cases for certified code: Configure, enable/disable USB devices. Interact with USB devices.

Authorization model for normal content: Implicit


Non-certified use cases are out of scope for 1.0. We will consider those for a subsequent release.