On Thu, Sep 13, 2012 at 9:27 AM, Jonas Sicking <jo...@sicking.cc> wrote: > For Firefox OS, we are getting requests from partners to add tokens to > the UA string which identify the hardware device on which Firefox OS > is running.
We already had this debate for Firefox for Android. I think we should apply the same decision (not to expose hardware name) to Firefox OS for the same reasons. > * Some content providers strike deals with hardware manufacturers > which allow devices made by the manufacturer to access content for > free. One way that this is implemented is by looking for tokens in UA > strings and serve content based on this. This is obviously terribly > insecure and easy to spoof, however the hurdle is large enough that > this is a "good enough" solution in many cases. I.e. the cost of > developing a more secure solution, and the cost of losing users due to > having to ask them to enter passwords etc is higher than the lost > revenue due to people hacking the system by changing their UA string. Whoa. This has to be one of the worst UA string abuses ever. I think facilitating this kind of device-dependent Web would be against the Mission. It would be sad if this sort of thing was permitted for devices licensed to use Mozilla's trademarks. Remember how we felt about Chrome/car cross-promotion where a car's site told users to get Chrome even though Firefox had the relevant features or about Cut the Rope/IE cross-promotion that required the use of IE to get to levels that technically would have worked in Firefox. > * App stores only want to deliver applications to devices which they > know will run on the device. Today many stores in our target market > (Brazil) apparently do this by looking at hardware tokens in UA > strings. This is a scenario where we strongly want people to do > capability checking by using the DOM for reasons that we are all way > too familiar with. However this isn't what stores do today and so we > would have to convince them to switch to this system. Additionally > capability checking isn't always perfect, since currently it's hard to > detect performance metrics. If the app store case ended up being considered legitimate somehow, app stores have special privileges anyway, so the information could be exposed via a privileged API instead of broadcasting it to every UA sniffer around the Web, so I think app store-motivated reasons shouldn't be treated as reasons put stuff in the UA string. > However this apparently is a pretty wide-spread pattern in existing > mobile devices. And that's a problem, as seen in the threads that lead to the decision not to expose hardware name in Firefox for Android. When you give Web developers the opportunity to goof in ways that hurt users, they will: Exposing the device name is sure to create situations where a site works/fails depending on device name. -- Henri Sivonen hsivo...@iki.fi http://hsivonen.iki.fi/ _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
