Closed Bug 927831 Opened 6 years ago Closed 2 years ago
[geckoview] Support running without special permissions
59 bytes, text/x-review-board-request
I'd like to embed GeckoView as runtime engine for a local webapp, local meaning that all code and data is in the assets and no Internet connection is necessary to run it. As such, it makes sense to not request any permissions when the app is being installed. (Even if I need internet connection sometimes, I don't need realtime connection updates, so I would want only the internet permission, but not the network and WLAN status update permissions. I like apps that asks only for the absolute minimal set of permissions.) Please support that that the app is not granted any one or any of the permissions. The relevant Android API calls would probably fail with an exception, so please make sure that these errors are handled in a way that does not make the browser fail, but only the part that inherently depends on the permission fails. E.g. the internet access should not fail just because Gecko isn't allow to get WLAN status updates. ---- This is just a request. I haven't had a chance to test whether this is already the case or not. If it is, please close this as FIXED, assigned to whoever did the good deed.
Mass change of bugs in the "Embedding: GRE Core" component in preparation for archiving it. I believe that these are no longer relevant; but if they are, they should be reopened and moved into a component relevant to the code in question.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
Reopening and moving to Core::Embedding: APIs, where we'll continue to triage and track GeckoView issues.
Status: RESOLVED → REOPENED
Component: Embedding: GRE Core → Embedding: APIs
Product: Core Graveyard → Core
Resolution: INCOMPLETE → ---
3 years ago
Component: Embedding: APIs → GeckoView
Product: Core → Firefox for Android
Version: unspecified → Trunk
Priority: -- → P2
P1 from duped bug.
Priority: P2 → P1
Assignee: nobody → snorp
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView https://reviewboard.mozilla.org/r/241730/#review247592 We should document these removed permissions somewhere so consumers know what permissions they need to add.
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView Can you take another look, please? I added package-level documentation which includes some discussion on the permissions.
Attachment #8973266 - Flags: review+ → review?(nchen)
Attachment #8973266 - Flags: review?(nchen)
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView https://reviewboard.mozilla.org/r/241730/#review247660 Looks okay!
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/268f3dfc9dee Remove sensitive permissions from GeckoView r=jchen
Backed out for GeckoView failures. Push: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=268f3dfc9deed6a1c862649f200fe6b0198480ae Backout: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=f1b4d3c9b9a19461556dbb358fe895ba0f2f6811 Log link: https://treeherder.mozilla.org/logviewer.html#?job_id=177045964&repo=mozilla-inbound&lineNumber=1590
Pushed by email@example.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/31ad29175009 Remove sensitive permissions from GeckoView r=jchen
You need to log in before you can comment on or make changes to this bug.