- From: John Mellor <notifications@github.com>
- Date: Tue, 16 Dec 2014 18:10:58 -0800
- To: w3c/push-api <push-api@noreply.github.com>
- Message-ID: <w3c/push-api/pull/87/c67267335@github.com>
I think my mention of possible extensions to the Permissions API has been a red herring :-) @martinthomson wrote: > see [this post by Robert O'Callahan](http://robert.ocallahan.org/2011/06/permissions-for-web-applications_30.html) Yes, we've all read that post, and agree pretty much word for word. Like Robert, we dislike asking upfront, and dislike large bundles of permissions. However notifications and push (and in future background sync) are unique in two ways: 1. They can be more user-comprehensible when explained together. 2. Crucially, they operate in the background, so we can't force sites to ask for permission in context (by making the permission request implicit in the API), instead we have to allow prompting upfront. Notifications has embraced this, and has an explicit requestPermission method (with [a warning](https://notifications.spec.whatwg.org#static-members) that this is unusual). We could do the same for Push (as suggested in my last comment), though it seems slightly nicer to keep the permission request as an implicit part of registration, as is done by the original pull request. > I'm tending more toward 3a; as a simplification of 3c, it is quite attractive. Ok, but since Chrome UX prefers 3b, can we find some way for the spec to allow UAs to implement either? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/pull/87#issuecomment-67267335
Received on Wednesday, 17 December 2014 02:11:26 UTC