Closed Bug 927831 Opened 11 years ago Closed 6 years ago

[geckoview] Support running without special permissions

Categories

(GeckoView :: General, defect, P1)

Product:
GeckoView
Component:
General
Platform:
x86_64
Linux
Type:
defect

Tracking

(firefox62 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla62
Tracking Flags:
Tracking Status
firefox62 --- fixed

People

(Reporter: BenB, Assigned: snorp)

References

(
URL
)

Details

(Whiteboard: [geckoview:klar])

Attachments

(1 file)

Bug 927831 - Remove sensitive permissions from GeckoView
59 bytes, text/x-review-board-request
jchen
: review+
Details
I'd like to embed GeckoView as runtime engine for a local webapp, local meaning that all code and data is in the assets and no Internet connection is necessary to run it. As such, it makes sense to not request any permissions when the app is being installed. (Even if I need internet connection sometimes, I don't need realtime connection updates, so I would want only the internet permission, but not the network and WLAN status update permissions. I like apps that asks only for the absolute minimal set of permissions.) Please support that that the app is not granted any one or any of the permissions. The relevant Android API calls would probably fail with an exception, so please make sure that these errors are handled in a way that does not make the browser fail, but only the part that inherently depends on the permission fails. E.g. the internet access should not fail just because Gecko isn't allow to get WLAN status updates. ---- This is just a request. I haven't had a chance to test whether this is already the case or not. If it is, please close this as FIXED, assigned to whoever did the good deed.
Mass change of bugs in the "Embedding: GRE Core" component in preparation for archiving it. I believe that these are no longer relevant; but if they are, they should be reopened and moved into a component relevant to the code in question.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
Product: Core → Core Graveyard
Reopening and moving to Core::Embedding: APIs, where we'll continue to triage and track GeckoView issues.
Status: RESOLVED → REOPENED
Component: Embedding: GRE Core → Embedding: APIs
Product: Core Graveyard → Core
Resolution: INCOMPLETE → ---
Component: Embedding: APIs → GeckoView
Product: Core → Firefox for Android
Version: unspecified → Trunk
Priority: -- → P2
P1 from duped bug.
Priority: P2 → P1
Whiteboard: [geckoview:klar]
Assignee: nobody → snorp
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView https://reviewboard.mozilla.org/r/241730/#review247592 We should document these removed permissions somewhere so consumers know what permissions they need to add.
Attachment #8973266 - Flags: review?(nchen) → review+
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView Can you take another look, please? I added package-level documentation which includes some discussion on the permissions.
Attachment #8973266 - Flags: review+ → review?(nchen)
Comment on attachment 8973266 [details] Bug 927831 - Remove sensitive permissions from GeckoView https://reviewboard.mozilla.org/r/241730/#review247660 Looks okay!
Attachment #8973266 - Flags: review?(nchen) → review+
Pushed by jwillcox@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/268f3dfc9dee Remove sensitive permissions from GeckoView r=jchen
Pushed by jwillcox@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/31ad29175009 Remove sensitive permissions from GeckoView r=jchen
Flags: needinfo?(snorp)
https://hg.mozilla.org/mozilla-central/rev/31ad29175009
Status: REOPENED → RESOLVED
Closed: 8 years ago6 years ago
status-firefox62: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 62
Product: Firefox for Android → GeckoView
Target Milestone: Firefox 62 → mozilla62
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: