Last call for comments! So far the only feedback I have received is that it would be good to have a UI mechanism for determine which app is triggering the vibration, which sounds like a reasonable idea to me. Thanks! Lucas.
On Apr 11, 2012, at 10:36 PM, Lucas Adamski wrote: > Name of API: Vibration > Reference: http://dev.w3.org/2009/dap/vibration/ > > Brief purpose of API: Let content activate the vibration motor > > Inherent threats: Obnoxious if mis-used, consume extra battery > Threat severity: low > > == Regular web content (unauthenticated) == > Use cases for unauthenticated code: Vibrate when hit in a game > Authorization model for uninstalled web content: Explicit > Authorization model for installed web content: Implicit > Potential mitigations: Limit how long vibrations can run > > == Trusted (authenticated by publisher) == > Use cases for authenticated code:[Same] > Authorization model: Implicit > Potential mitigations: > > == Certified (vouched for by trusted 3rd party) == > Use cases for certified code: > Authorization model: implicit > Potential mitigations: > > Notes: This API may be implicitly granted. User can deny from Permission > Manager to over-ride an abusive app. > _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
