WebAPI/WidgetAPI: Difference between revisions
Ptheriault (talk | contribs), no edit summary
Revision as of 11:14, 21 May 2014
Goals
The widget API allows privileged apps to embed other apps in their own iframes, e.g. the homescreen, the lockscreen, etc.
Use case
Proposal
embed-widgets bug 1005818
The API is exposed to privileged apps only; the security considerations are:
- "embed-widgets" is a new permission for the "mozapp" attribute. It is derived from "embed-apps" but is more restricted. Please refer to the next section.
- The "widget" attribute names the manifest entry of the widget to embed.
<iframe mozapp="manifesturl" widget="mywidget1">
extend manifest.webapp
Declare the details of each widget in the manifest (the original flattened example was missing the commas after href and positions):
{
  name: "MyApp2000",
  ...
  widgets: {
    "mywidget1": {
      href: "widget.html",
      positions: ["homescreen", "lockscreen"],
      description: "This is my cool widget"
    },
    "myotherwidget": { ... }
  }
}
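The steps above worked through as an added example; this is not code from the proposal or from any Gaia app. A host app holding the embed-widgets permission looks up the widget named by the widget attribute in the embedded app's manifest, checks that the manifest allows the position it is being placed at, resolves the href against the manifest URL, and builds the attributes for the mozapp/widget iframe. The manifest and URLs are constructed for the example; resolveWidget and widgetIframeAttributes are hypothetical helper names, and the check that the href stays on the app's own origin is an assumption of this example, not something the proposal specifies.

```javascript
// Added example, not part of the WidgetAPI proposal or of Gaia.
// Constructed manifest in the shape the proposal's "widgets" entry describes.
const sampleManifest = {
  name: "MyApp2000",
  widgets: {
    mywidget1: {
      href: "widget.html",
      positions: ["homescreen", "lockscreen"],
      description: "This is my cool widget",
    },
    myotherwidget: {
      href: "/other/widget.html",
      positions: ["lockscreen"],
      description: "Lockscreen only",
    },
  },
};

// Hypothetical helper: resolve a declared widget and refuse anything the
// manifest did not declare. Throws on an unknown widget name, on a position
// the widget does not list, and (an assumption of this example) on an href
// that resolves outside the embedded app's origin.
function resolveWidget(manifest, manifestURL, widgetName, position) {
  const widgets = manifest.widgets || {};
  const decl = widgets[widgetName];
  if (!decl) {
    throw new Error(`widget "${widgetName}" not declared in manifest`);
  }
  if (!Array.isArray(decl.positions) || !decl.positions.includes(position)) {
    throw new Error(`widget "${widgetName}" not allowed at position "${position}"`);
  }
  const base = new URL(manifestURL);
  const src = new URL(decl.href, base); // href is relative to the manifest
  if (src.origin !== base.origin) {
    throw new Error(`widget href ${decl.href} resolves outside the app origin`);
  }
  return { src: src.href, description: decl.description || "" };
}

// Hypothetical helper: the attributes the host would set on the iframe.
// Returned as a plain object so it can be checked without a DOM; a real host
// would copy them onto document.createElement("iframe"). The host app itself
// must hold the "embed-widgets" permission for mozapp/widget to take effect.
function widgetIframeAttributes(manifestURL, widgetName, position, manifest) {
  const resolved = resolveWidget(manifest, manifestURL, widgetName, position);
  return {
    mozapp: manifestURL,
    widget: widgetName,
    src: resolved.src,
    title: resolved.description,
  };
}

// Usage, e.g. from a homescreen placing mywidget1:
// widgetIframeAttributes("https://myapp.example/manifest.webapp",
//                        "mywidget1", "homescreen", sampleManifest);
```

The position check is the part that matters for the lockscreen case: a widget declared for "homescreen" only should not be reachable from a lockscreen host even though the same manifest is embeddable there.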
Restriction
Issues under discussion
Browser API
Need to clarify which methods/events are safe or unsafe.
No Cross Origin implications
- Performance methods
- setVisible()
- getVisible()
- purgeHistory()
- Navigation methods
- reload()
- stop()
- Event methods
- addNextPaintListener()
- removeNextPaintListener()
- Events
- mozbrowserasyncscroll
- mozbrowserclose
- mozbrowsererror
- mozbrowserloadend
- mozbrowserloadstart
Cross-origin implications
- Event methods
- sendMouseEvent() - cross-origin interaction, can cause unexpected actions in web apps
- sendTouchEvent() - cross-origin interaction, can cause unexpected actions in web apps
- getScreenshot() - returns an image of the embedded page's rendered content, i.e. cross-origin pixels
- Navigation methods - [pauljt:why are these unsafe?]
- getCanGoBack()
- goBack()
- getCanGoForward()
- goForward()
- Events
- mozbrowserusernameandpasswordrequired - leaks host and realm
- mozbrowseropenwindow (i.e. window.open)
- mozbrowsershowmodalprompt (i.e. alert(), confirm(), prompt())
- mozbrowsercontextmenu
- mozbrowsersecuritychange - can tell whether the page is HTTPS or not
- mozbrowserlocationchange - discloses URL (can contain secrets)
- mozbrowsericonchange - discloses the icon URL. Might be a privacy issue.
- mozbrowsertitlechange - discloses title, privacy issue.
- mozbrowseropensearch - I assume this discloses the link value, maybe a privacy issue?
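An added example of how a widget host could act on the safe/unsafe split above; it is not code from the proposal, from Gaia, or from the Browser API implementation. The event names are the real mozbrowser event names listed above; the detail shapes used here (a URL string for mozbrowserlocationchange, an object with a state field for mozbrowsersecuritychange, host and realm for mozbrowserusernameandpasswordrequired) follow the Browser API, while the redaction rules, the filterBrowserEvent and deliveredEvents helpers, and the sample event log are assumptions constructed for this example.

```javascript
// Added example, not part of the WidgetAPI proposal or of Gaia.
// Events that expose nothing from the embedded page: always delivered.
const SAFE_EVENTS = new Set([
  "mozbrowserasyncscroll", "mozbrowserclose", "mozbrowsererror",
  "mozbrowserloadend", "mozbrowserloadstart",
]);

// Events that carry something from the cross-origin page but that the host
// still needs: each reducer keeps only the minimum (assumed rules).
const REDACTED_EVENTS = {
  // The URL can carry secrets in its path, query or fragment: keep the origin.
  mozbrowserlocationchange: (detail) => ({ origin: new URL(detail).origin }),
  // Only whether the page is HTTPS is needed, not the full security detail.
  mozbrowsersecuritychange: (detail) => ({ secure: detail.state === "secure" }),
};

// Events that leak page content (title, icon, auth realm, search link) or
// let the page drive the host UI (windows, modal prompts, context menus):
// dropped unless the embedded app shares the host's origin.
const BLOCKED_CROSS_ORIGIN = new Set([
  "mozbrowserusernameandpasswordrequired", "mozbrowseropenwindow",
  "mozbrowsershowmodalprompt", "mozbrowsercontextmenu",
  "mozbrowsericonchange", "mozbrowsertitlechange", "mozbrowseropensearch",
]);

// Hypothetical helper: decide whether one event reaches the host's UI code
// and with what detail. Unknown events are denied by default.
function filterBrowserEvent(name, detail, hostOrigin, widgetOrigin) {
  if (SAFE_EVENTS.has(name)) return { deliver: true, detail };
  if (hostOrigin === widgetOrigin) return { deliver: true, detail };
  if (Object.prototype.hasOwnProperty.call(REDACTED_EVENTS, name)) {
    return { deliver: true, detail: REDACTED_EVENTS[name](detail) };
  }
  if (BLOCKED_CROSS_ORIGIN.has(name)) {
    return { deliver: false, reason: "cross-origin disclosure" };
  }
  return { deliver: false, reason: "unknown event" };
}

// Hypothetical helper: run a list of {name, detail} events through the policy
// and return only what would be delivered, in order.
function deliveredEvents(events, hostOrigin, widgetOrigin) {
  return events
    .map((e) => ({ name: e.name, ...filterBrowserEvent(e.name, e.detail, hostOrigin, widgetOrigin) }))
    .filter((r) => r.deliver)
    .map((r) => ({ name: r.name, detail: r.detail }));
}

// Constructed event log standing in for what a widget iframe would fire.
const sampleEvents = [
  { name: "mozbrowserloadstart" },
  { name: "mozbrowserlocationchange", detail: "https://bank.example/acct?token=s3cr3t#tab" },
  { name: "mozbrowsersecuritychange", detail: { state: "secure", extendedValidation: false } },
  { name: "mozbrowserusernameandpasswordrequired", detail: { host: "bank.example", realm: "online banking" } },
  { name: "mozbrowsertitlechange", detail: "Account 1234 - Balance" },
  { name: "mozbrowserloadend" },
];

// Usage: deliveredEvents(sampleEvents, "app://homescreen.gaiamobile.org", "https://bank.example")
```

In practice the host would install one listener per event name on the mozapp iframe and call filterBrowserEvent inside it; the point of the table is that a homescreen embedding a third-party widget sees at most the widget's origin and its HTTPS state, never its URL, title, icon or authentication realm.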