Closed
Bug 1266494
Opened 9 years ago
Closed 9 years ago
Limit navigator.geolocation.watchPosition() to secure contexts
Categories
(Core :: DOM: Geolocation, defect)
Core
DOM: Geolocation
Tracking
()
RESOLVED
DUPLICATE
of bug 1072859
People
(Reporter: rbarnes, Unassigned)
References
Details
(Keywords: site-compat, Whiteboard: btpp-fixlater)
This is clearly a powerful feature, so it's a natural candidate for restriction. Chromium is restricting all of navigator.geolocation as of 50:
https://codereview.chromium.org/1530403002/
Our telemetry shows that only ~0.1% of the usage of watchPosition() is in non-secure contexts.
http://mzl.la/1VEBbZq
That's low enough that we should go ahead and turn it off.
|
||
Updated•9 years ago
|
Keywords: dev-doc-needed,
site-compat
|
||
Updated•9 years ago
|
Whiteboard: btpp-fixlater
|
|
||
Comment 1•9 years ago
|
||
Is there any reason why we cannot limit getCurrentPosition() as well like Chromium? If not, this is a dup of Bug 1072859.
|
|
||
Comment 2•9 years ago
|
||
Posted the site compatibility doc: https://www.fxsitecompat.com/en-CA/docs/2016/use-of-geolocation-watchposition-will-be-limited-to-secure-sites/
|
||
Comment 3•9 years ago
|
||
getCurrentPosition() should also be limited.
|
||
Comment 4•9 years ago
|
||
Marking as DUP of #1072859: watchPositiong() and getCurrentPosition() should both be limited to secure contexts.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
|
||
Updated•9 years ago
|
Keywords: dev-doc-needed
You need to log in
before you can comment on or make changes to this bug.
Description
•