Closed
Bug 1058319
Opened 10 years ago
Closed 10 years ago
Add a geolocation-noprompt permission
Categories
(Firefox OS Graveyard :: Runtime, defect)
Tracking
(blocking-b2g:2.0+, firefox32 wontfix, firefox33 wontfix, firefox34 fixed, b2g-v2.0 fixed, b2g-v2.1 fixed)
People
(Reporter: fabrice, Assigned: fabrice)
References
Details
Attachments
(2 files, 2 obsolete files)
2.09 KB,
patch
|
gwagner
:
review+
|
Details | Diff | Splinter Review |
1.76 KB,
patch
|
fabrice
:
review+
|
Details | Diff | Splinter Review |
That will let certified apps use the geolocation api without prompting the user. This is needed for FMD.
Assignee | ||
Comment 1•10 years ago
|
||
Attachment #8478694 -
Flags: review?(anygregor)
Assignee | ||
Comment 2•10 years ago
|
||
Tested by setting geolocation-noprompt in the camera app and checking that the geolocation was included in the picture's meta-data.
Attachment #8478694 -
Attachment is obsolete: true
Attachment #8478694 -
Flags: review?(anygregor)
Attachment #8478721 -
Flags: review?(anygregor)
Comment 3•10 years ago
|
||
Comment on attachment 8478721 [details] [diff] [review] geolocation-noprompt.patch Review of attachment 8478721 [details] [diff] [review]: ----------------------------------------------------------------- Thanks!
Attachment #8478721 -
Flags: review?(anygregor) → review+
Comment 4•10 years ago
|
||
Adding Jonas and Andrew so they are aware that we made this change.
Flags: needinfo?(overholt)
Flags: needinfo?(jonas)
Assignee | ||
Comment 5•10 years ago
|
||
[Blocking Requested - why for this release]: This is a very low risk change that improves the security of the fmd app (see https://bugzilla.mozilla.org/show_bug.cgi?id=1058330#c1).
blocking-b2g: --- → 2.0?
Assignee | ||
Comment 6•10 years ago
|
||
https://hg.mozilla.org/integration/b2g-inbound/rev/883564cbc9a3
Comment on attachment 8478721 [details] [diff] [review] geolocation-noprompt.patch Review of attachment 8478721 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/apps/src/PermissionsTable.jsm @@ +38,5 @@ > certified: PROMPT_ACTION > }, > + "geolocation-noprompt": { > + app: PROMPT_ACTION, > + privileged: PROMPT_ACTION, Shouldn't these two be set to DENY? Not that important, but seems like the right thing to do.
Assignee | ||
Comment 8•10 years ago
|
||
(In reply to Jonas Sicking (:sicking) from comment #7) > Comment on attachment 8478721 [details] [diff] [review] > geolocation-noprompt.patch > > Review of attachment 8478721 [details] [diff] [review]: > ----------------------------------------------------------------- > > ::: dom/apps/src/PermissionsTable.jsm > @@ +38,5 @@ > > certified: PROMPT_ACTION > > }, > > + "geolocation-noprompt": { > > + app: PROMPT_ACTION, > > + privileged: PROMPT_ACTION, > > Shouldn't these two be set to DENY? Not that important, but seems like the > right thing to do. We can do that if you really care, but I didn't think of any reason do make it different from the default geolocation one.
silently treating geolocation-noprompt as geolocation seems bad. So yeah, I think we should DENY. (Separately, I wish that we rejected installing any apps that ask for a permission which has DENY for the apps app-type, but that's of course separate)
Flags: needinfo?(jonas)
Comment 10•10 years ago
|
||
sorry had to backout this change since i guess this caused https://tbpl.mozilla.org/php/getParsedLog.php?id=46751241&tree=B2g-Inbound
Updated•10 years ago
|
Flags: needinfo?(overholt)
Updated•10 years ago
|
blocking-b2g: 2.0? → 2.0+
Assignee | ||
Comment 11•10 years ago
|
||
I changed the permissions to deny for non-certified apps, and fixed an issue we had with substitute permissions in the reverse table. We were overriding the non-substituted version and end up with a bad value in isExplicitInPermissionsTable().
Attachment #8478721 -
Attachment is obsolete: true
Attachment #8480877 -
Flags: review?(anygregor)
Updated•10 years ago
|
Attachment #8480877 -
Flags: review?(anygregor) → review+
Comment 12•10 years ago
|
||
Requires Fabrice's patch
Assignee | ||
Updated•10 years ago
|
Attachment #8480888 -
Flags: review+
Assignee | ||
Comment 13•10 years ago
|
||
https://hg.mozilla.org/integration/b2g-inbound/rev/c108c1bcce79 https://hg.mozilla.org/integration/b2g-inbound/rev/e7529ddd2e28
Comment 14•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/c108c1bcce79 https://hg.mozilla.org/mozilla-central/rev/e7529ddd2e28
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → 2.1 S3 (29aug)
Comment 15•10 years ago
|
||
https://hg.mozilla.org/releases/mozilla-b2g32_v2_0/rev/bfcef4ab3a95 https://hg.mozilla.org/releases/mozilla-b2g32_v2_0/rev/b5eba200ce50
status-b2g-v2.0:
--- → fixed
status-b2g-v2.1:
--- → fixed
status-firefox32:
--- → wontfix
status-firefox33:
--- → wontfix
status-firefox34:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•