Evertyhing.me logs all API request % cd gaia/apps/homescreen/everything.me % ack Evme.Utils.log js/Brain.js 107: Evme.Utils.log('Callback: ' + _class + '.' + _event); 112: Evme.Utils.log('CB Error! ' + ex.message); 510: Evme.Utils.log('{' + s.join('},{') + '}'); 1353: Evme.Utils.log("DoATAPI.request " + getRequestUrl(data)); 1373: Evme.Utils.log('API Client Error: ' + data.exception.message); 1378: Evme.Utils.log('API Server Error: ' + JSON.stringify(data.response)); The code for Evme.Utils.log() simply does a dump() Specially the logging on DoATAPI.request is worrysome as it logs all API requests. Those include personal detail like search queries, session ids and device identifiers and also the Everything.me API key. It is highly recomended to only log in a special debug build and be as quiet as possible for a production build. I don't think that is currently happening. The logs are not persisted to disk but a good amount of logging can still easily be recovered with adb.

Stefan, is there a setting we can use as a condition to logging?

Is using console.debug going to eliminate logs in production?

This appears to be privacy and user data exposure, at first glance.

Console logging is disabled by default in production builds so you can use that instead. dump() should not even work at all from content js, but that's another topic...

dietrich: what info do you need from me on this?

(In reply to Sid Stamm [:geekboy or :sstamm] from comment #5) > dietrich: what info do you need from me on this? Nm, per comment #4.

Fabrice, are dogfood builds production builds? If that's the case, then the only issue would be developers sending their private information to E.me.

(In reply to Dietrich Ayala (:dietrich) from comment #7) > Fabrice, are dogfood builds production builds? Yes

(In reply to Dietrich Ayala (:dietrich) from comment #7) > Fabrice, are dogfood builds production builds? > > If that's the case, then the only issue would be developers sending their > private information to E.me. Dietrich, I don't think the issue here is that info is sent back to the e.me servers. I have filed bug 831494 for that in the past. The only issue for this bug is that the API requests are logged using dump(). I think we have a good solution for that now if they start using console.log() instead, which is disabled by default. Or are you saying e.me should be disabled completely for developer builds? I have no opinion on that but if you think that is appropriate then please file a separate bug.

replacing all dump() calls with console.log()

Comment on attachment 717594 [details] Patch - redirect to github PR NOTE: Please see https://wiki.mozilla.org/Release_Management/B2G_Landing to better understand the B2G approval process and landings. [Approval Request Comment] Bug caused by (feature/regressing bug #): User impact if declined: maybe security issue Testing completed: yes Risk to taking this patch (and alternatives if risky): no risk String or UUID changes made by this patch:

Comment on attachment 717594 [details] Patch - redirect to github PR approving for uplift to v1-train - this is only affecting developer builds and is a low risk fix.

v1-train@98ef159