Please use "Edit with form" above to edit this page.
Item Reviewed
Fennec Private Browsing | |||||||||||||||||
Target |
3 Total; 0 Open (0%); 3 Resolved (100%); 0 Verified (0%); |
{{#set:SecReview name=Fennec Private Browsing
|SecReview target=
ID | Summary | Priority | Status |
---|---|---|---|
582244 | Implement Private Browsing | P2 | RESOLVED |
794502 | Tracking bug for platform work required for per-window PB for mobile | -- | RESOLVED |
802251 | SecReview: Mobile Private Browsing | -- | RESOLVED |
3 Total; 0 Open (0%); 3 Resolved (100%); 0 Verified (0%);
}}
Introduce the Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- port same private browsing features we have on desktop to our mobile platform
- this is a per tab attribute
- Most of the outstanding work is the platform bugs referenced in pb - the exception is the new tab issue (801646).
What solutions/approaches were considered other than the proposed solution?
- parity with desktop
Why was this solution chosen?
`
Any security threats already considered in the design and why?
`
Threat Brainstorming
- a new tab from private tab
- does not remain private, this is a bug to be fixed (bug 801646)
- how is UI different from desktop UI ? (it's per window for a start)
- UI Mockups for tabs? Currently the tab turns purple..
- test coverage - would like to reuse desktop tests if possible, ones in /browser will need fennec versions
- identify places where things are written to disk - then determine how they should be handled in private browsing mode
- for example, adding to the reading list - this is user initiated and maybe should be allowed to be done in pb mode etc ?
- session restore / OOM killing - fennec can be killed in a low memory situation at any time, and then can be reloaded - we would in that case want to restore PB tabs too
- We want to include PB tabs on OOM restore
- don't want to do this in session store - put it in the Android bundle instead (but does this get written to disk ?)
- chrome does restore private browsing tabs when they're relaunched after an OOM
- addons - need to make sure they don't have access to anything that's temporarily persisted
- Currently they will - see the Java / addons bug - 799631 and referenced (review to follow).
{{#set: SecReview feature goal=* port same private browsing features we have on desktop to our mobile platform
- this is a per tab attribute
- Most of the outstanding work is the platform bugs referenced in pb - the exception is the new tab issue (801646).
|SecReview alt solutions=* parity with desktop |SecReview solution chosen=' |SecReview threats considered=' |SecReview threat brainstorming=* a new tab from private tab
- does not remain private, this is a bug to be fixed (bug 801646)
- how is UI different from desktop UI ? (it's per window for a start)
- UI Mockups for tabs? Currently the tab turns purple..
- test coverage - would like to reuse desktop tests if possible, ones in /browser will need fennec versions
- identify places where things are written to disk - then determine how they should be handled in private browsing mode
- for example, adding to the reading list - this is user initiated and maybe should be allowed to be done in pb mode etc ?
- session restore / OOM killing - fennec can be killed in a low memory situation at any time, and then can be reloaded - we would in that case want to restore PB tabs too
- We want to include PB tabs on OOM restore
- don't want to do this in session store - put it in the Android bundle instead (but does this get written to disk ?)
- chrome does restore private browsing tabs when they're relaunched after an OOM
- addons - need to make sure they don't have access to anything that's temporarily persisted
- Currently they will - see the Java / addons bug - 799631 and referenced (review to follow).
}}
Action Items
Action Item Status | In Progress | ||||||||||||
Release Target | ` | ||||||||||||
Action Items | |||||||||||||
2 Total; 0 Open (0%); 2 Resolved (100%); 0 Verified (0%); |
{{#set:|SecReview action item status=In Progress
|Feature version=`
|SecReview action items=
ID | Summary | Priority | Status |
---|---|---|---|
804596 | Places where PB stops writes happening | -- | RESOLVED |
804597 | PB Test coverage | -- | RESOLVED |
2 Total; 0 Open (0%); 2 Resolved (100%); 0 Verified (0%);
}}