Closed
Bug 1068048
Opened 10 years ago
Closed 6 years ago
Should check wifi-manage permission in TetheringManager
Categories
(Firefox OS Graveyard :: Wifi, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
2.1 S3 (29aug)
People
(Reporter: dlee, Unassigned)
Details
In bug 936367, Comment30 , we should check permission according to different tethering type.
Reporter | ||
Comment 1•10 years ago
|
||
We already check wifi-manage permission in WifiWorker.js , should we still check it in DOM layer ?
Reporter | ||
Comment 2•10 years ago
|
||
Hi Paul, According to your comment in bug 936367, Comment30. If TetheringManager is certified API only, we could just check corresponding permission according to different tethering type for setTetheringEnabled API. http://dxr.mozilla.org/mozilla-central/source/dom/tethering/TetheringManager.js#76 In previous patch I did not check permission in content process DOM layer(TetheringManager.js) But this API will eventually send message to chrome process and it will check wifi-manage permission in WifiWorker.js http://dxr.mozilla.org/mozilla-central/source/dom/wifi/WifiWorker.js?from=WifiWorker.js&case=true#2709 In this case, do we still have to check wifi-manage permission in DOM layer (TetheringManager.js)? Thanks for help !
Flags: needinfo?(ptheriault)
Comment 3•10 years ago
|
||
Yes you should check in both places - check in the DOM to reduce attack surface exposed to the web, and check in the parent to enforce security. But in the patch in bug 936367, we already have a certified apps check, so only certified apps will see the navigator.mozTethering manager. This might be enough in this case. For consistency though, you may want to just copy mozWifiManager and implement a hasNavigator::HasTetheringManagerSupport function. See this code here: http://dxr.mozilla.org/mozilla-central/source/dom/webidl/MozWifiManager.webidl#63
Flags: needinfo?(ptheriault)
Reporter | ||
Comment 4•8 years ago
|
||
Not actively working on b2g
Assignee: dlee → nobody
Status: ASSIGNED → NEW
Comment 5•6 years ago
|
||
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•