WebAPI/Security/Vibration: Difference between revisions
Jump to navigation
Jump to search
Ptheriault (talk | contribs) No edit summary |
No edit summary |
||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
== Vibration == | == Vibration == | ||
Brief purpose of API: Let content activate the vibration motor. | Brief purpose of API: Let content activate the vibration motor. | ||
General use cases: Vibrate when hit in a game etc. | |||
General use cases: Vibrate when hit in a game | |||
Reference: http://dev.w3.org/2009/dap/vibration/ | Reference: http://dev.w3.org/2009/dap/vibration/ | ||
| Line 11: | Line 10: | ||
Threat severity: low | Threat severity: low | ||
Notes: | |||
* User can deny from Permission Manager to override an abusive app. | |||
* Since only foreground content can trigger vibrator, this seems equivalent to other potentially annoying feedback mechanisms and should be implicit for uninstalled web content. | |||
=== Permissions Table=== | === Permissions Table=== | ||
| Line 30: | Line 33: | ||
__NOTOC__ | |||
[[Category:Web APIs]] | |||
[[Category:Security]] | |||
Latest revision as of 23:42, 1 October 2014
Vibration
Brief purpose of API: Let content activate the vibration motor. General use cases: Vibrate when hit in a game etc.
Reference: http://dev.w3.org/2009/dap/vibration/
Security Discussion: https://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/6aa715e1d7a5a9f5#
Inherent threats: Obnoxious if abused, consume extra battery.
Threat severity: low
Notes:
- User can deny from Permission Manager to override an abusive app.
- Since only foreground content can trigger vibrator, this seems equivalent to other potentially annoying feedback mechanisms and should be implicit for uninstalled web content.
Permissions Table
| Type | Use Cases | Authorization Model | Notes & Other Controls |
|---|---|---|---|
| Web Content | As per general use case. | Implicit | Limit how long vibrations can run. Only foreground content can trigger vibration. |
| Installed Web Apps | As per general use case. | Implicit | Limit how long vibrations can run. Only foreground content can trigger vibration. |
| Privileged Web Apps | As per general use case. | Implicit | Limit how long vibrations can run. Only foreground content can trigger vibration. |
| Certified Web Apps | As per general use case. | Implicit | Limit how long vibrations can run. Only foreground content can trigger vibration. |