The geolocation API allows web pages to request the user's geolocation, drawing from things like GPS on mobile, and doing WiFi / IP based geolocation on desktop.
Due to the privacy risks associated with this functionality, I would like to propose that we restrict this functionality to secure contexts [1]. Our telemetry for geolocation is a little rough, but we can derive some upper bounds. According to telemetry from Firefox 49, the geolocation permissions prompt has been shown around 4.6M times [2], on about 3B page loads [3]. Around 21% of these requests were (1) from "http:" origins, and (2) granted by the user. So the average rate of permissions being granted to non-secure origins per pageload is 4.6M * 21% / 3B = 0.0319%. Access to geolocation from non-secure contexts is already disabled in Chrome [4] and WebKit [5]. Please send any comments on this proposal by Friday, October 28. Relevant bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1072859 [1] https://www.w3.org/TR/secure-contexts/ [2] https://mzl.la/2eeoWm9 [3] https://mzl.la/2eoiIAw [4] https://codereview.chromium.org/1530403002/ [5] https://trac.webkit.org/changeset/200686 _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
