Closed
Bug 755950
Opened 12 years ago
Closed 5 months ago
SecReview: Provide a thumbnail service
Categories
(mozilla.org :: Security Assurance: Review Request, task)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: curtisk, Unassigned)
References
Details
(Whiteboard: [pending secreview][Fx])
Tim, the security assurance team has some concerns over the protocol being used around this service and I believe we may want to look into this a bit deeper than what is happening for the privacy review. Please answer the questions below or assign this bug to someone who can take point on it that would be great. 1) Who is/are the point of contact(s) for this review? 2) Please provide a short description of the feature / application (e.g. problem solved, use cases, etc.): 3) Please provide links to additional information (e.g. feature page, wiki) if available and not yet included in feature description: 4) Does this request block another bug? If so, please indicate the bug number 5) This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review? 6) To help prioritize this work request, does this project support a goal specifically listed on this quarter's goal list? If so, which goal? 7) Please answer the following few questions: (Note: If you are asked to describe anything, 1-2 sentences shall suffice.) 8) Does this feature or code change affect Firefox, Thunderbird or any product or service the Mozilla ships to end users? 9) Are there any portions of the project that interact with 3rd party services? 10) Will your application/service collect user data? If so, please describe 11) If you feel something is missing here or you would like to provide other kind of feedback, feel free to do so here (no limits on size):
![]() |
Reporter | |
Updated•11 years ago
|
Whiteboard: [pending secreview][start mm/dd/yyyy][target mm/dd/yyyy] → [pending secreview][needs info]
![]() |
Reporter | |
Comment 1•11 years ago
|
||
so the bug this is blocking is resolved yet the sec-review was not done...can you please update me on the status so we can get this scheduled/completed?
Flags: needinfo?(ttaubert)
![]() |
Reporter | |
Updated•11 years ago
|
Whiteboard: [pending secreview][needs info] → [pending secreview]
Comment 2•11 years ago
|
||
This completely slipped off my plate, sorry. Feel free to ping me directly next time. The feature has already landed as you might know but I'll still try to answer some questions to get this done.... (In reply to Curtis Koenig [:curtisk] from comment #0) > 1) Who is/are the point of contact(s) for this review? Yoric and me I guess. There's also a couple more people in the Fx Desktop team that know how it works. > 2) Please provide a short description of the feature / application (e.g. > problem solved, use cases, etc.): The thumbnail service captures thumbnails of pages the user visits to use them for various features in the product (e.g. about:newtab). We're also currently preparing a background service that will be able to load privacy-sensitive pages in "private mode" (without any cookies, etc.) to capture screenshot of those pages (bug 841495). We currently don't capture thumbnails of Facebook but with the new feature we'll capture the start page of it, without the user being logged in. > 8) Does this feature or code change affect Firefox, Thunderbird or any > product or service the Mozilla ships to end users? Firefox. It's recently been moved to Toolkit so that Metro can use it, too. And maybe other products in the future. > 9) Are there any portions of the project that interact with 3rd party > services? No. > 10) Will your application/service collect user data? If so, please describe Yes, screenshots of pages visited, stored in $ProfLD/thumbnails/. We do not capture thumbs for pages that send a Cache-Control:no-store header (bug 850685) but we currently still do for pages that for example have a CC:no-store iframe (bug 823829).
Flags: needinfo?(ttaubert)
![]() |
Reporter | |
Updated•11 years ago
|
Assignee: ttaubert → nobody
Whiteboard: [pending secreview] → [pending secreview][triage needed]
Updated•11 years ago
|
Assignee: nobody → dveditz
Whiteboard: [pending secreview][triage needed] → [pending secreview]
Updated•11 years ago
|
Whiteboard: [pending secreview] → [pending secreview][Fx]
Updated•5 months ago
|
Assignee: dveditz → nobody
Status: NEW → RESOLVED
Closed: 5 months ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•