Confirmed users
1,340
edits
WebAPI/Security/Idle: Difference between revisions
no edit summary
No edit summary |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
==Idle API== | |||
Brief purpose of API: Notify an app if the user is idle.<br> | |||
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program). | |||
References: | References: | ||
| Line 5: | Line 8: | ||
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion | *Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion | ||
Inherent threats: | |||
*Privacy implications | |||
**Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy | |||
**Could be used by a workplace to monitor activity by monitoring system idle | |||
Inherent threats: | |||
Privacy | |||
* | |||
*Could be used by a workplace to monitor activity by monitoring system idle | |||
Threat severity: Low | Threat severity: Low | ||
== | === Permissions Table=== | ||
== | |||
Authorization | {| border="1" class="wikitable" | ||
! Type | |||
! Use Cases | |||
! Authorization Model | |||
|- | |||
| Web Content || None || No access | |||
|- | |||
| Installed Web Apps || None || No access | |||
|- | |||
| Privileged Web Apps || None || No access | |||
|- | |||
| Certified Web Apps || Notify an app if the user is idle. || Implicit | |||
|} | |||
[[Category:Web APIs]] | |||
[[Category:Security]] | |||