> On 2014-05-06, 8:16 PM, Gary Chen wrote:
> > On Tue, May 6, 2014 at 4:18 PM, Ehsan Akhgari <ehsan....@gmail.com> wrote:
> > > I think Jonas' idea for restricting the URLs that the embedding iframe is
> > > allowed to load based on a new "embed-widgets" permission is a good one.
> > >
> > > Do you also need parts of the mozbrowser API for this use case? If yes, can
> > > you please clarify which parts?
> >
> > Ah, yes, I didn't mention that part. I think we should forbid any
> > parts of the mozbrowser API which allow reading data from the
> > contents of the iframe. So grabbing screenshots or getting
> > notifications about navigations should not be allowed.
> >
> > Would this break any of the use cases?
> >
> > In some cases, grabbing screenshots is needed.
> > For example, when the user switches homescreen pages, some widgets which are
> > in the background pages will be suspended.
> > I think it is just like card view: for a better user experience we won't want
> > to show a black screen on widgets when they switch back to foreground pages.
>
> Hmm, why would the widget be suspended? Keeping the widget iframe
> rendering while dragging the homescreen page around sounds like the kind
> of thing that the platform should be able to handle well for you.
>
Sorry, I should not have used the word 'suspended'; it is so confusing.
On the current platform, an app gets high priority to be killed when it is in the background and memory pressure occurs.
The same goes for widgets: if a homescreen page is dragged to the background, the widgets on that page may get high priority to be killed.
In this situation screenshots might give a better user experience.
But this is just my thought.

> > I am not sure what "notifications about navigations" are. "alert",
> > "confirm" dialogs?
> > If yes, our team has also discussed this issue; we propose to extend the
> > mozbrowser API: propagate events to grandparent frames.
> > In our case the grandparent frame is the system app; the system app will handle
> > these 'notifications' if we don't want a 3rd-party app to handle these events.
>
> I think Jonas meant navigation in terms of web content navigation (i.e.
> navigating to another page, going back/forward, etc.)
Thanks for clarifying this point.
>
> > I am just curious: is there any security concern about grabbing screenshots?
>
> The widget might render sensitive information to the user (for example,
> allow the user to enter a password, or show their bank account number,
> etc.) We protect against pages from different origins reading pixels
> from each other's renderings for this reason in many other parts
> of the Web platform.
>
Thanks for the reminder about this issue.
Echoing Paul, mozbrowser (browser permission) is already available to privileged apps.
It means an app developer can use this API to make a browser-like app,
and it also has the ability to take a screenshot when the user enters sensitive information.