WebAPI/WidgetAPI: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 36: Line 36:
**setVisible()
**setVisible()
**getVisible()
**getVisible()
**purgeHistory()


*Event methods
*Event methods
Line 75: Line 74:
**<strike>getCanGoForward()</strike>
**<strike>getCanGoForward()</strike>
**<strike>goForward()</strike>
**<strike>goForward()</strike>
*Performance methods
**strike>purgeHistory()</strike>


==Bugs==
==Bugs==

Revision as of 03:48, 23 May 2014

Goals

The widget API allows privileged APPs have ability to embed APPs in their own iframe, i.e. homescreen, lockscreen ....etc.

Use case

Proposal

embed-widgets bug 1005818

In order to expose to privileged APPs and consider security issue.

  • "embed-widgets" is a new permission for "mozapp" attribute, it comes from 'embed-apps' but is more restricted. Please refer to next section.
  • Set manifest entry in "widget" attribute.
 <iframe mozapp="manifesturl" widget="mywidget1">

extend manifest.webapp

Declare details of widget in mainfest. 

 {
   name: "MyApp2000",
   ...
   widgets: {
     "mywidget1": {
       href: "widget.html"
       positions: ["homescreen", "lockscreen"]
       description: "This is my cool widget"
      },
      "myotherwidget": { ... }
   }
 }

Restriction

Issues under discussion

Browser API

Need to clarify which methods/Events are safe or unsafe.

Not security sensitive

  • Performance methods
    • setVisible()
    • getVisible()
  • Event methods
    • addNextPaintListener()
    • removeNextPaintListener()
  • Events
    • mozbrowserasyncscroll
    • mozbrowserclose
    • mozbrowsererror
    • mozbrowserloadend
    • mozbrowserloadstart

Security sensitive

  • Event methods
    • sendMouseEvent() - cross-origin interaction, can cause unexpected actions in web apps
    • sendTouchEvent() - cross-origin interaction, can cause unexpected actions in web apps
  • getScreenshot()
  • Events
    • mozbrowserusernameandpasswordrequired - leaks host and realm
    • mozbrowseropenwindow (i.e. window.open)
    • mozbrowsershowmodalprompt (i.e. alert(), confirm(), prompt())
    • mozbrowsercontextmenu
    • mozbrowsersecuritychange - can tell is page is https or not
    • mozbrowserlocationchange - discloses URL (can contain secrets)
    • mozbrowsericonchange - discloses the icon URL. Might be a privacy issue.
    • mozbrowsertitlechange - discloses title, privacy issue.
    • mozbrowseropensearch - I assume this discloses the link value, maybe a privacy issue?

no use case

  • Navigation methods
    • reload()
    • stop()
    • getCanGoBack()
    • goBack()
    • getCanGoForward()
    • goForward()
  • Performance methods
    • strike>purgeHistory()

Bugs

Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/WidgetAPI&oldid=981930"