Please reply-to dev-webapps. Yes, its a bit odd to be discussion a mature API but we should make explicit its behavior for install applications.
Name of API: Geolocation API Reference: _https://developer.mozilla.org/En/Using_geolocation_ Brief purpose of API: Obtain current location of user General Use Cases: Mapping applications, GPS navigation, geotagging Inherent threats: * Leakage of user's current location to app * Leakage of user's current location to 3rd party geolocation service * Profiling of user behavior Threat severity: Moderate == Regular web content (unauthenticated) == Use cases for unauthenticated code: Same Authorization model for normal content: Explicit (default to not remember) Authorization model for installed content:Explicit (default to... ?) Potential mitigations: UI indicator for active geolocation with a path for user to disable == Trusted (authenticated by publisher) == Use cases for authenticated code: Same Authorization model: Explicit (default to... ?) Potential mitigations: Same == Certified (vouched for by trusted 3rd party) == Use cases for certified code: Device theft recovery; same Authorization model: Implicit Potential mitigations: Same (tho do we want UI indicator in case of theft?) _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
