WebAPI/Security/Contacts

From MozillaWiki
Jump to navigation Jump to search

Name of API: Contacts API

References:

Brief purpose of API: Access to users contacts.

General Use Cases:N/A

Inherent threats:

  • Read/exfiltrate confidential information,
  • Destroy user's contact data
  • DoS via filling address book with bogus data

Threat severity: High

Regular web content (unauthenticated)

Use cases for unauthenticated code: Mediated access to specific (user selected) contact information

Authorization model for uninstalled web content: OS mediated (web activities, or trusted UI)

Authorization model for installed web content: OS mediated (web activities, or trusted UI)

Potential mitigations:

  • App requests a contact via web activities or trusted UI
  • API provides a local identifier instead of the actual contact information

Trusted (authenticated by publisher)

Use cases for authenticated code: Create, read or edit contact information

  • Authorization model: Explicit

Potential mitigations:

  • Let user configure what data is accessible (globally?)
  • Have separate permissions read,create or update/delete? (assuming that many apps only want read, and could use web activities to create a contact if necessary?)

Certified (vouched for by trusted 3rd party)

Use cases for certified code: Create, read or edit contact information

  • Authorization model: Implicit

Potential mitigations: None


Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/Contacts&oldid=456243"