canmove, Confirmed users
1,220
edits
WebAPI/Security/WebTelephony: Difference between revisions
→Trusted (authenticated by publisher)
Ptheriault (talk | contribs) |
Ptheriault (talk | contribs) |
||
| Line 25: | Line 25: | ||
== Trusted (authenticated by publisher) == | == Trusted (authenticated by publisher) == | ||
Use cases for authenticated code: | Use cases for authenticated code: Fun dialers (eg. rotary dialer) | ||
*Authorization model: explicit (web activities) | |||
Authorization model: explicit (web activities) | *Potential mitigations: When user clicks on a phone number, app triggers a web activity to initiate the call. User interaction required to trigger. | ||
== Certified (vouched for by trusted 3rd party) == | == Certified (vouched for by trusted 3rd party) == | ||