Closed Bug 927831 Opened 6 years ago Closed 2 years ago

[geckoview] Support running without special permissions

Categories

(GeckoView :: General, defect, P1)

x86_64
Linux
defect

Tracking

(firefox62 fixed)

RESOLVED FIXED
mozilla62
Tracking Status
firefox62 --- fixed

People

(Reporter: BenB, Assigned: snorp)

References

()

Details

(Whiteboard: [geckoview:klar])

Attachments

(1 file)

I'd like to embed GeckoView as runtime engine for a local webapp, local meaning that all code and data is in the assets and no Internet connection is necessary to run it.

As such, it makes sense to not request any permissions when the app is being installed. 

(Even if I need internet connection sometimes, I don't need realtime connection updates, so I would want only the internet permission, but not the network and WLAN status update permissions. I like apps that asks only for the absolute minimal set of permissions.)

Please support that that the app is not granted any one or any of the permissions. The relevant Android API calls would probably fail with an exception, so please make sure that these errors are handled in a way that does not make the browser fail, but only the part that inherently depends on the permission fails. E.g. the internet access should not fail just because Gecko isn't allow to get WLAN status updates.

----

This is just a request. I haven't had a chance to test whether this is already the case or not. If it is, please close this as FIXED, assigned to whoever did the good deed.
Mass change of bugs in the "Embedding: GRE Core" component in preparation for archiving it. I believe that these are no longer relevant; but if they are, they should be reopened and moved into a component relevant to the code in question.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
Product: Core → Core Graveyard
Reopening and moving to Core::Embedding: APIs, where we'll continue to triage and track GeckoView issues.
Status: RESOLVED → REOPENED
Component: Embedding: GRE Core → Embedding: APIs
Product: Core Graveyard → Core
Resolution: INCOMPLETE → ---
Component: Embedding: APIs → GeckoView
Product: Core → Firefox for Android
Version: unspecified → Trunk
Priority: -- → P2
Duplicate of this bug: 1317199
P1 from duped bug.
Priority: P2 → P1
Duplicate of this bug: 1445290
Whiteboard: [geckoview:klar]
Assignee: nobody → snorp
Duplicate of this bug: 1298529
Comment on attachment 8973266 [details]
Bug 927831 - Remove sensitive permissions from GeckoView

https://reviewboard.mozilla.org/r/241730/#review247592

We should document these removed permissions somewhere so consumers know what permissions they need to add.
Attachment #8973266 - Flags: review?(nchen) → review+
Comment on attachment 8973266 [details]
Bug 927831 - Remove sensitive permissions from GeckoView

Can you take another look, please? I added package-level documentation which includes some discussion on the permissions.
Attachment #8973266 - Flags: review+ → review?(nchen)
Comment on attachment 8973266 [details]
Bug 927831 - Remove sensitive permissions from GeckoView

https://reviewboard.mozilla.org/r/241730/#review247660

Looks okay!
Attachment #8973266 - Flags: review?(nchen) → review+
Pushed by jwillcox@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/268f3dfc9dee
Remove sensitive permissions from GeckoView r=jchen
Pushed by jwillcox@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/31ad29175009
Remove sensitive permissions from GeckoView r=jchen
Flags: needinfo?(snorp)
https://hg.mozilla.org/mozilla-central/rev/31ad29175009
Status: REOPENED → RESOLVED
Closed: 4 years ago2 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 62
Product: Firefox for Android → GeckoView
Target Milestone: Firefox 62 → mozilla62
You need to log in before you can comment on or make changes to this bug.