Final call for comments on this API. Please reply to [email protected] before COB Jun 4.
On Thursday, 10 May 2012 05:02:49 UTC+10, [email protected] wrote: > (Please reply-to [email protected]) > > Name of API: Battery API > Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=678694 > http://dvcs.w3.org/hg/dap/raw-file/tip/battery/Overview.html > > Note from spec: > The API defined in this specification is used to determine the battery > status of the hosting device. The information disclosed has minimal > impact on privacy or fingerprinting, and therefore is exposed without > permission grants. For example, authors cannot directly know if there is > a battery or not in the hosting device. > > Brief purpose of API: > General Use Cases:Adjust app behavior based upon power status > > Inherent threats:Fingerprinting, abuse of battery? > > Threat severity:low > > == Regular web content (unauthenticated) == > Use cases:Same > Authorization model for normal content: Implicit > Authorization model for installed content: Implicit > Potential mitigations: None > > == Trusted (authenticated by publisher) == > Use cases:Same > Authorization mode: Implicit > Potential mitigations:None > > == Certified (vouched for by trusted 3rd party) == > Use cases: Same > Authorization model:Implicit > Potential mitigations:None > > Note: Should have a setting to disable this in privacy settings _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
