On Fri, Oct 21, 2016 at 5:56 PM, Ehsan Akhgari <ehsan.akhg...@gmail.com> wrote:
> On 2016-10-21 3:49 PM, Richard Barnes wrote:
> > The geolocation API allows web pages to request the user's geolocation,
> > drawing from things like GPS on mobile, and doing WiFi / IP based
> > geolocation on desktop.
> >
> > Due to the privacy risks associated with this functionality, I would like
> > to propose that we restrict this functionality to secure contexts [1].
> >
> > Our telemetry for geolocation is a little rough, but we can derive some
> > upper bounds. According to telemetry from Firefox 49, the geolocation
> > permissions prompt has been shown around 4.6M times [2], on about 3B page
> > loads [3]. Around 21% of these requests were (1) from "http:" origins, and
> > (2) granted by the user. So the average rate of permissions being granted
> > to non-secure origins per pageload is 4.6M * 21% / 3B = 0.0319%.
>
> Does this mean that we'd be breaking one in 5 geolocation requests as a
> result of this? That seems super high. :(

That's why I included the additional context. Any feature we disable is going to break 100% of pageloads that use that feature. You need to take into account how many pageloads that actually is.

> Since the proposal in the bug is adding [SecureContext] to
> Navigator.geolocation, have we also collected telemetry around which
> properties and methods are accessed? Since another kind of breakage we
> may encounter is code like |navigator.geolocation.getCurrentPosition()|
> throwing an exception and breaking other parts of site scripts...

I'm not picky about how exactly we turn this off, as long as the functionality goes away. Chrome and Safari both immediately call the error handler with the same error as if the user had denied permission. We could do that too, it would just be a little more code.

--Richard

> >
> > Access to geolocation from non-secure contexts is already disabled in
> > Chrome [4] and WebKit [5].
> >
> > Please send any comments on this proposal by Friday, October 28.
> >
> > Relevant bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1072859
> >
> > [1] https://www.w3.org/TR/secure-contexts/
> > [2] https://mzl.la/2eeoWm9
> > [3] https://mzl.la/2eoiIAw
> > [4] https://codereview.chromium.org/1530403002/
> > [5] https://trac.webkit.org/changeset/200686
> > _______________________________________________
> > dev-platform mailing list
> > dev-platform@lists.mozilla.org
> > https://lists.mozilla.org/listinfo/dev-platform
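The two ways of disabling geolocation discussed in the thread (removing `navigator.geolocation` via [SecureContext], or calling the error handler as if the user had denied permission) look different to site code. The wrapper below is an added example, not code from the thread or from any browser, showing site-side handling that survives both. The function name `locate`, the `reason` strings and the mock navigator objects are assumptions made for illustration.

```javascript
// Added example. The navigator objects below are constructed stand-ins so
// the code runs in Node; in a page, pass `navigator` and `window.isSecureContext`.
const PERMISSION_DENIED = 1; // GeolocationPositionError.PERMISSION_DENIED

// Calls done({ok, coords}) or done({ok: false, reason}); never throws,
// whichever way the browser disables geolocation on non-secure pages.
function locate(nav, isSecureContext, done) {
  // Case 1: [SecureContext] on Navigator.geolocation. The property is
  // missing on http: pages, so an unguarded call would throw a TypeError.
  if (!nav || !nav.geolocation) {
    done({ ok: false, reason: isSecureContext ? "unsupported" : "insecure-context" });
    return;
  }
  // Case 2: the API is present but the error handler fires with the same
  // code as a user denial. Tell the two apart using isSecureContext.
  nav.geolocation.getCurrentPosition(
    (pos) => done({ ok: true, coords: pos.coords }),
    (err) => {
      if (err.code !== PERMISSION_DENIED) {
        done({ ok: false, reason: "unavailable" });
      } else {
        done({ ok: false, reason: isSecureContext ? "denied" : "insecure-context" });
      }
    }
  );
}

// Constructed stand-ins for the three browser behaviours.
const navRemoved = {};
const navDenying = {
  geolocation: { getCurrentPosition: (ok, fail) => fail({ code: PERMISSION_DENIED }) },
};
const navGranting = {
  geolocation: {
    getCurrentPosition: (ok) => ok({ coords: { latitude: 0, longitude: 0 } }),
  },
};

for (const [name, nav, secure] of [
  ["http, property removed", navRemoved, false],
  ["http, error handler called", navDenying, false],
  ["https, user denied", navDenying, true],
  ["https, granted", navGranting, true],
]) {
  locate(nav, secure, (r) => console.log(name, "->", JSON.stringify(r)));
}
```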