Confirmed users
717
edits
WebAPI/Security/Settings: Difference between revisions
→Regular web content (unauthenticated)
No edit summary |
|||
| Line 15: | Line 15: | ||
*Use cases for unauthenticated code: Read/change non-sensitive settings | *Use cases for unauthenticated code: Read/change non-sensitive settings | ||
*Authorization model for normal content: None | *Authorization model for normal content: None | ||
*Authorization model for installed content: Implicit read access to limited settings. Write access | *Authorization model for installed content: Implicit read access to limited settings. Write access via web intents. | ||
*Potential mitigations: Only non-sensitive settings will be exposed to regular apps. | *Potential mitigations: Only non-sensitive settings will be exposed to regular apps. | ||
== Trusted (authenticated by publisher) == | == Trusted (authenticated by publisher) == | ||