WebAPI/Security/MobileConnection: Difference between revisions

WebAPI/Security/MobileConnection (view source)

158 bytes removed , 24 September 2012

no edit summary

canmove, Confirmed users

1,220

edits

@@ Line 1: / Line 1: @@
-Name of API: Mobile Connection API
+== Mobile Connection API ==
-References:
-*https://wiki.mozilla.org/WebAPI/WebMobileConnection
-*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/WKMpHavP9-Y/discussion
 Brief purpose of API: This exposes information about the current mobile voice and data  connection to (certain) HTML content.
@@ Line 22: / Line 17: @@
 Threat severity: High
-== Regular web content (unauthenticated) ==
+References:
-Use cases for unauthenticated code: None
+*https://wiki.mozilla.org/WebAPI/WebMobileConnection
+*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/WKMpHavP9-Y/discussion
-Authorization model for normal content: None
-Potential mitigations:  None
-== Privileged (approved by app store) ==
-Use cases for authenticated code: None
-Authorization model: None
-Potential mitigations: None
-== Certified (system-critical apps) ==
-Use cases for certified code: Telephone status UI
-Authorization model: Implicit
-Potential mitigations: None
+{| border="1" class="wikitable"
+! Type
+! Use Cases
+! Authorization Model
+! Notes & Other Controls
+|-
+| Web Content || None || No access
+|-
+| Installed Web Apps || None || No access
+|-
+| Privileged Web Apps || None || No access
+|-
+| Certified Web Apps ||  Telephone status UI || Implicit
+|}
-==Notes==
+=== Notes ===
 Some radio feature are also accessible via Settings API
 __NOTOC__