add security and privacy section #25

Merged
merged 10 commits into from
Mar 3, 2016


timvolodine
Contributor

to address issue #24

@richtr
Member

richtr commented Feb 9, 2016

https://github.com/w3c/deviceorientation/pull/25/files#diff-87104462239df473f9aa72c3bb6ad124R641:

fire events only on the top-level browsing context or same-origin nested iframes

Should this be an 'and'? We should try to recommend a single idea here for compatibility purposes.

@martinthomson
Member

Why not restrict this to secure contexts instead? That has a robust definition. I don't see it as actually helping with the problems that this describes, but the definition is precise enough for this.

@maryammjd

@timvolodine
The security discussion is nice; however, the security and privacy risks associated with this issue are more than fingerprinting the mobile devices. As we discussed with the W3C Geolocation Working Group via email, our paper (published in the Journal of Information Security and Applications) shows that these sensor measurements can reveal the user's PINs. It is worth mentioning this level of security risk in the security consideration section.

-Maryam (m.mehrnezhad@ncl.ac.uk)

@maryammjd

Free link to the paper:
http://arxiv.org/abs/1602.04115

@timvolodine
Contributor Author

okay I think I've addressed all comments, in particular

  • added secure contexts
  • added reference to the paper

I'll merge if there are no objections :)

timvolodine added a commit that referenced this pull request Mar 3, 2016
@timvolodine timvolodine merged commit bd177fc into gh-pages Mar 3, 2016
rakuco added a commit that referenced this pull request Jan 31, 2024
…olicy one

This addresses a conflict that was introduced in #121:

- The presence of the Permissions Policy integration means usage of the
  Device Orientation API can be allowed in third-party iframes provided that
  the right tokens are in place.
- The "Security and privacy considerations" section contains a requirement
  that events are fired only on child navigables that are same-origin with
  the top-level traversable.

The latter was introduced in #25 and served as a stop-gap measure before
Permissions Policy integration was added.

The current implementation status is:
- Blink never implemented the same-origin requirement, but added Permissions
  Policy integration in 2018.
- WebKit has always implemented Permissions Policy integration.
- Gecko implements the same-origin requirement (see Mozilla bug 1197901).

This means we can safely replace the same-origin requirement with a
requirement to support the Permissions Policy integration, as switching from
one to the other is transparent in the sense that the exact same set of
websites that worked before will continue to work with the change, as the
features we define have a default allowlist of "self".

Fixes #133
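
The gating change described in the commit message above, as an added example that is not part of the pull request or the specification text: a simplified JavaScript model that compares the same-origin rule from #25 with Permissions Policy under a default allowlist of "self". It assumes a top-level document with direct child iframes only, no Permissions-Policy response header, and iframes that still show the document loaded from their `src`; the origins and frame names are constructed, and `accelerometer` and `gyroscope` are the tokens the current Device Orientation specification requires for `deviceorientation`.

```javascript
// Added example: simplified model, top-level document plus direct child iframes only.
const TOKENS = ["accelerometer", "gyroscope"]; // features gating `deviceorientation`
const TOP = "https://app.example";             // constructed origins and frame names
const FRAMES = [
  { name: "top", origin: TOP, isTop: true },
  { name: "same-origin-child", origin: TOP },
  { name: "widget-no-allow", origin: "https://widget.example" },
  { name: "widget-delegated", origin: "https://widget.example", allow: "accelerometer; gyroscope" },
  { name: "widget-partial", origin: "https://widget.example", allow: "accelerometer" },
];

// Parse an iframe `allow` attribute into { feature: [allowlist entries] }.
function parseAllow(attr) {
  const policy = {};
  for (const directive of (attr || "").split(";")) {
    const [feature, ...list] = directive.trim().split(/\s+/);
    if (feature) policy[feature] = list.length ? list : ["'src'"]; // bare token means 'src'
  }
  return policy;
}

// Is one feature enabled in `frame`, given a default allowlist of 'self'?
function featureEnabled(feature, frame, topOrigin) {
  if (frame.isTop) return true; // top-level document: enabled by default
  const policy = parseAllow(frame.allow);
  if (!(feature in policy)) return frame.origin === topOrigin; // default allowlist 'self'
  // Assumption: the iframe still shows its `src` document, so 'src' matches its origin.
  return policy[feature].some((entry) =>
    entry === "*" || entry === "'src'" || entry === frame.origin ||
    (entry === "'self'" && frame.origin === topOrigin));
}

// Stop-gap rule from #25: fire only in frames same-origin with the top level.
const sameOriginRule = (frame, topOrigin) => frame.origin === topOrigin;
// Replacement rule: every required token must be enabled by Permissions Policy.
const permissionsPolicyRule = (frame, topOrigin) =>
  TOKENS.every((token) => featureEnabled(token, frame, topOrigin));

function allowedFrames(rule, frames = FRAMES, topOrigin = TOP) {
  return frames.filter((f) => rule(f, topOrigin)).map((f) => f.name);
}

console.log("same-origin rule:  ", allowedFrames(sameOriginRule));
console.log("permissions policy:", allowedFrames(permissionsPolicyRule));
```

In this model, frames without an `allow` attribute get the same verdict under both rules; only an embedder that explicitly delegates every required token widens the set, and a partial delegation still leaves the frame without events.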
rakuco added a commit that referenced this pull request Jan 31, 2024
…olicy one (#136)
