Closed
Bug 739474
Opened 13 years ago
Closed 12 years ago
Security Review for Geolocation WebAPI Changes
Categories
(mozilla.org :: Security Assurance: Review Request, task)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: Arreth, Assigned: curtisk)
References
()
Details
(Whiteboard: [secreview complete][action items pending])
>Who is/are the point of contact(s) for this review?
Josh Dhaliwal (jdhaliwal@mozilla.com) and Doug Turner (dougt@mozilla.com)
>Please provide a short description of the feature / application (e.g. problem solved, use cases, etc.):
Changes to the geolocation API specification, and implementation of these changes in the geolocation WebAPI.
>Please provide links to additional information (e.g. feature page, wiki) if available and not yet included in feature description:
1) http://arreth.wordpress.com/2012/03/14/ch-ch-ch-ch-changes-to-geolocation-api-specifcations-2-2/
2) http://arreth.wordpress.com/2012/03/13/proposed-changes-to-geolocation-api-specification/
>Does this request block another bug? If so, please indicate the bug number
The bug associated with this feature is bug 735863
>This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review?
A security review would be necessary before the code can be pushed to moz-central. As for a specific date, :dougt would have a more concrete timeline for the project. Preferably this week I'm guessing.
>Does this feature or code change affect Firefox, Thunderbird or any product or service the Mozilla ships to end users?
The end users are somewhat affected by these changes, in that they must give permission to utilize geolocational features, but the the changes will mostly affect developers who plan to use Mozilla's geolocation WebAPI.
>Are there any portions of the project that interact with 3rd party services?
The changes would involve various 3rd party reverse geocoding services. These 3rd party services would differ depending on the platform that the code is running on (e.g. Google reverse geocoding services for Android).
>Will your application/service collect user data? If so, please describe
The code changes will involve collection (but not storage) of user data, so that we can collect the user's position from a geolocation provider in order to run a reverse geocoding service on that data.
>If you feel something is missing here or you would like to provide other kind of feedback, feel free to do so here (no limits on size):
:dougt can feel free to fill in any missing points from what I've said. If any other comments/information is needed, feel free to comment.
>Desired Date of review (if known from https://mail.mozilla.com/home/ckoenig@mozilla.com/Security%20Review.html) and whom to invite.
Desired Date: March 28th, 2012 (same time as :dougt's device proximity sec-review)
If this is not possible, please let us know and we can arrange another date.
Reporter | ||
Updated•13 years ago
|
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → curtisk
Whiteboard: [pending secreview]
Assignee | ||
Comment 1•13 years ago
|
||
review sched for 28-Mar-2012
Blocks: 735863
Whiteboard: [review sched]
Assignee | ||
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Whiteboard: [review sched] → [secr:curtisk:action items]
Assignee | ||
Updated•13 years ago
|
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Updated•13 years ago
|
Status: REOPENED → ASSIGNED
Assignee | ||
Updated•13 years ago
|
Whiteboard: [secr:curtisk:action items] → [sec-assigned:curtisk:action items]
Assignee | ||
Updated•13 years ago
|
Keywords: sec-review-needed
Whiteboard: [sec-assigned:curtisk:action items] → [in-progress secreview][action items]
Assignee | ||
Updated•12 years ago
|
Whiteboard: [in-progress secreview][action items] → [secreview complete][action items]
Assignee | ||
Comment 3•12 years ago
|
||
secreivew is done but has action items, as such this is resolved-fixed, when dependant bugs are cleared this can be resolved
Status: ASSIGNED → RESOLVED
Closed: 13 years ago → 12 years ago
Resolution: --- → FIXED
Whiteboard: [secreview complete][action items] → [secreview complete][action items pending]
You need to log in
before you can comment on or make changes to this bug.
Description
•