Permissions Matrix
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
ABCDEFGHIJKLMNOPQRSTUV
1
APIActionPermissionWeb ContentWeb AppTrusted AppCertified AppVisual IndicatorMitigationsNotesPermission
2
Geolocation APIObtain current location of userExplicit (prompt)Explicit (prompt)Explicit (prompt)ImplicitYes
3
IdleAPIDetect user inactiveNone?allow*allowImplicitImplicitNoFuzz Idle time to prevent fingerprinting. Enforce minimum time to prevent keystroke inference.This is a web api in the browser - it does not need a permission.None?
4
Battery Status APIInformation about battery charge level and if device is plugged in.Currenlty has a pref (dom.power.whitelist)ImplicitImplicitImplicitImplicitNoDoes this even have a permission associated with it? Not according th the w3c soec: http://dvcs.w3.org/hg/dap/raw-file/tip/battery/Overview.htmlNone?
5
Network Information APIGet basic information about current network connectivity.None?ImplicitImplicitImplicitImplicitNoDoes this even have a permission associated with it?
6
ResourceLock APIPrevent the screen from being dimmed or switched offImplicitImplicitImplicitImplicitNoDoes this even have a permission associated with it?
7
Vibration APIImplicitImplicitImplicitImplicitLimit how long vibrations can run. Only foreground content can trigger vibration.Does this even have a permission associated with it?
8
Screen Orientationlock screen orientation, detect changesImplicit (foreground only)Implicit (foreground only)ImplicitImplicitNoRules regarding fullscreen and iframe ancestorsDoes this even have a permission associated with it?
9
Alarm APISchedule a notification, or for an application to be started, at a specific time.ImplicitImplicitImplicitNo
10
WebSMSAll SMS APIsExplicit (prompt)ImplicitNoOpen question: can trusted app register as a SMS handler. Can't replace certified SMS app
11
TCP Socket APIConnect to TCP socketImplicitImplicitNoOpen question for trusted apps: port/address limitations? Connect only? No listen?
12
UDP Datagram Socket APILow-level UDP APIImplicitImplicitNo
13
WebTelephonyAll Web Telephony APIsExplicit (no prompt)ImplicitYesCan't replace certified dialerPrompt for things that do not obviously look like dialers?
14
Background servicesEnable a web application to run in the background and perform tasks like syncing or respond to incoming messages.ImplicitImplicitImplicitNoFuzz Idle time to prevent fingerprinting. Enforce minimum time to prevent keystroke inference.
15
Browser APIEnables implementing a browser completely in web technologies.Explicit (no runtime prompt)ImplicitNoCant explain what the browser permission means, so either explicit or install time permission.
16
Calendar APIAdd/Read/Modify to the device calendar.ImplicitNo
17
Camera APIThis is part of the larger WebRTC effort. This is a big piece of work so see the link.ExplicitExplicitExplicitImplicitNo
18
Contacts APIAdd/Read/Modify the device contacts address book.Explicit (prompt)ImplicitNo
19
Device Capabilities APICheck if the device has certain capabilities, such as front-facing camera, gps, etc.ImplicitImplicitImplicitImplicitNoDoes this even have a permission associated with it?
20
Device Storage APIAdd/Read/Modify files stored on a central location on the device. For example the "pictures" folder on modern desktop platforms or the photo storage in mobile devices.ExplicitImplicitNoThis permission is likely too tight, but dont have enough information
21
22
Keyboard/IME APIEnables implementing virtual keyboards.ImplicitNo
23
LogAPI Allows to register the user activity on the phone. ImplicitNo
24
MobileConnection APIThis exposes information about the current mobile voice and data  connection to (certain) HTML content.ImplicitNo
25
PowerManagementAPITurn on/off screen, cpu, device power, etc. Listen and inspect resource lock events.ImplicitNo
26
Push Notifications APIAllow the platform to send notification messages to specific applications.ImplicitNo
27
Sensor APIAccess to device sensors such as accelerometer, magnetic field (compass), proximity, ambient light etc.Explicit (prompt)Explicit (prompt)Explicit (install time)ImplicitNoForeground only for less than certified apps? Maybe allow trusted appss (eg compass status bar app)
28
Settings APIAPI to configure device settingsImplicitNo
29
Time/Clock APISet current time. Timezone will go in the Settings API.ImplicitNo
30
WebBluetoothLow level access to Bluetooth hardware.ExplicitImplicitNo
31
WebNFCLow level access to NFC hardware. So far focusing on NDEF support.Explicit (prompt)Explicit (prompt)ExplicitImplicitNo
32
WebUSBLow level access to USB hardware.ExplicitImplicitNoNot P1
33
WiFi Information API Enumerate available WiFi networks, get signal strength and name of currently connected network, etc.ExplicitImplicitNo
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
Loading...