- From: fergald via GitHub <sysbot+gh@w3.org>
- Date: Thu, 14 Nov 2019 02:34:52 +0000
- To: public-device-apis-log@w3.org
fergald has just created a new issue for https://github.com/w3c/sensors: == access to orientation without access to linear acceleration? == According to https://w3c.github.io/sensors/#permission-api a page that wants to access orientation, must be allowed gyroscope and accelerometer. Relative orientation is not sensitive data, linear acceleration is but I cannot specify a policy that only allows relative orientation (I could access the gyroscope directly but not the higher level deviceorientation events API (at least not in chrome: https://cs.chromium.org/chromium/src/content/browser/generic_sensor/sensor_provider_proxy_impl.cc?q=SensorTypeToFeaturePolicyFeatures). This seems like an undesirable outcome arising from the rule that fusion sensor permissions are transitive https://www.w3.org/TR/generic-sensor/#permission-api I don't think this is easy to fix this. Presumably someone with access to a fused sensor and 1 or 2 of the less sensitive inputs could derive the more sensitive input. Accounting for that seems more complex but could then lead to a more useful permissions system whereby the feature policies specify what _information_ a page could access and the browser could then allow/deny sensors as a result. E.g. if you are only allowed have relative orientation information then you can have gyroscope or fused relative orientation but not both. I'm suggesting that's easy but having everyone request acceleration just to get orientation seems counter-productive. Please view or discuss this issue at https://github.com/w3c/sensors/issues/399 using your GitHub account
Received on Thursday, 14 November 2019 02:34:53 UTC