Confirmed users
971
edits
Security/Reviews/Gaia/Contacts: Difference between revisions
Jump to navigation
Jump to search
→new
(→new) |
|||
| Line 56: | Line 56: | ||
===== new ===== | ===== new ===== | ||
The new activity is used to create a new contact. It opens | The new activity is used to create a new contact. It opens the contact editor screen. | ||
"new": { | "new": { | ||
| Line 67: | Line 67: | ||
}, | }, | ||
TODO The activity handler copies all parameters from activity.source.params to the request params. Is it possible to cause anything bad there? | TODO The activity handler copies all parameters from activity.source.params to the request params. Is it possible to cause anything bad there? It seems to pass an 'id' and 'extras' parameter. | ||
The actual contact editor is shown at https://github.com/mozilla-b2g/gaia/blob/v1-train/apps/communications/contacts/js/contacts.js#L68 | |||
If an id was passed as a request param then addExtrasToContact is called to process the extras param which is a JSON encoded object. The fields of the extras object are added to the existing contact. | |||
TODO: It seems that it is possible to add any kind of field to a contact? | |||
TODO How to obtain contact ids? | |||
===== pick ===== | ===== pick ===== | ||