MozillaWiki

WebAPI/Security/Idle: Difference between revisions

Page Discussion

WebAPI/Security/Idle (view source)

Revision as of 05:34, 4 August 2012

66 bytes removed ,  4 August 2012
no edit summary
No edit summary
No edit summary
Line 3: Line 3:


Brief purpose of API: Notify an app if the user is idle
Brief purpose of API: Notify an app if the user is idle
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program)
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program).


Inherent threats:
Inherent threats:
Line 13: Line 13:


== Regular web content (unauthenticated) ==
== Regular web content (unauthenticated) ==
Use cases for unauthenticated code: IM chats that need to detect when user is AFK.
Use cases for unauthenticated code: N/A


Authorization model for normal content: None
Authorization model for normal content: None
Line 23: Line 23:
* Provide only page idle not system idle, where privacy is a concern
* Provide only page idle not system idle, where privacy is a concern


== Trusted (authenticated by publisher) ==
== Privileged (authenticated by publisher) ==
Use cases for authenticated code: As per unauthenticated
Use cases for authenticated code: N/A


Authorization model: Implicit
Authorization model: None


Potential mitigations: Implicit
Potential mitigations: None


== Certified (vouched for by trusted 3rd party) ==
== Certified (vouched for by trusted 3rd party) ==
Ladamski
Confirmed users
717

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/457783"