Bug 927831 - Remove sensitive permissions from GeckoView r=jchen
The hosting app will need to request things like camera or microphone
access if it wants to use web features that rely on those. This is true
for the Android WebView as well, so we're doing the expected thing here.
MozReview-Commit-ID: FPWJ6mtgOT5
--- a/mobile/android/geckoview/src/main/AndroidManifest.xml
+++ b/mobile/android/geckoview/src/main/AndroidManifest.xml
@@ -1,66 +1,54 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="org.mozilla.geckoview">
- <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
- <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
- <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.INTERNET"/>
- <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
- <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
- <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
- <uses-permission android:name="com.android.launcher.permission.INSTALL_SHORTCUT"/>
- <uses-permission android:name="com.android.launcher.permission.UNINSTALL_SHORTCUT"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
<uses-permission android:name="android.permission.VIBRATE"/>
<uses-feature
android:name="android.hardware.location"
android:required="false"/>
<uses-feature
android:name="android.hardware.location.gps"
android:required="false"/>
<uses-feature android:name="android.hardware.touchscreen"/>
- <uses-permission android:name="android.permission.CAMERA"/>
-
<uses-feature
android:name="android.hardware.camera"
android:required="false"/>
<uses-feature
android:name="android.hardware.camera.autofocus"
android:required="false"/>
<!-- #ifdef MOZ_WEBRTC -->
<!--
TODO preprocess AndroidManifest.xml so that we can
conditionally include WebRTC permissions based on MOZ_WEBRTC.
-->
- <uses-permission android:name="android.permission.RECORD_AUDIO"/>
- -->
<uses-feature
android:name="android.hardware.audio.low_latency"
android:required="false"/>
-->
<uses-feature
android:name="android.hardware.microphone"
android:required="false"/>
-->
<uses-feature
android:name="android.hardware.camera.any"
android:required="false"/>
-->
<!-- #endif -->
- <!-- App requires OpenGL ES 2.0 -->
+ <!-- GeckoView requires OpenGL ES 2.0 -->
<uses-feature
android:glEsVersion="0x00020000"
android:required="true"/>
<application>
<!-- New child services must also be added to the Fennec AndroidManifest.xml.in -->
<service
new file mode 100644
--- /dev/null
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/package-info.java
@@ -0,0 +1,47 @@
+/* -*- Mode: Java; c-basic-offset: 4; tab-width: 20; indent-tabs-mode: nil; -*-
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/**
+ * This package contains the public interfaces for the library.
+ *
+ * <ul>
+ * <li>
+ * {@link org.mozilla.geckoview.GeckoRuntime} is the entry point for starting and initializing
+ * Gecko. You can use this to preload Gecko before you need to load a page or to configure features
+ * such as crash reporting.
+ * </li>
+ *
+ * <li>
+ * {@link org.mozilla.geckoview.GeckoSession} is where most interesting work happens, such as
+ * loading pages. It relies on {@link org.mozilla.geckoview.GeckoRuntime}
+ * to talk to Gecko.
+ * </li>
+ *
+ * <li>
+ * {@link org.mozilla.geckoview.GeckoView} is the embeddable {@link android.view.View}. This is
+ * the most common way of getting a {@link org.mozilla.geckoview.GeckoSession} onto the screen.
+ * </li>
+ * </ul>
+ *
+ * <p>
+ * <strong>Permissions</strong>
+ * <p>
+ * This library does not request any dangerous permissions in the manifest, though it's possible
+ * that some web features may require them. For instance, WebRTC video calls would need the
+ * {@link android.Manifest.permission#CAMERA} and {@link android.Manifest.permission#RECORD_AUDIO}
+ * permissions. Declaring these are at the application's discretion. If you want full web
+ * functionality, the following permissions should be declared:
+ *
+ * <ul>
+ * <li>{@link android.Manifest.permission#ACCESS_COARSE_LOCATION}</li>
+ * <li>{@link android.Manifest.permission#ACCESS_FINE_LOCATION}</li>
+ * <li>{@link android.Manifest.permission#READ_EXTERNAL_STORAGE}</li>
+ * <li>{@link android.Manifest.permission#WRITE_EXTERNAL_STORAGE}</li>
+ * <li>{@link android.Manifest.permission#CAMERA}</li>
+ * <li>{@link android.Manifest.permission#RECORD_AUDIO}</li>
+ * </ul>
+ *
+ */
+package org.mozilla.geckoview;