- From: Martin Thomson <notifications@github.com>
- Date: Fri, 11 Dec 2015 02:41:42 -0800
- To: w3c/permissions <permissions@noreply.github.com>
- Message-ID: <w3c/permissions/issues/55/163905952@github.com>
I think that there is little point in doing this whole standardization thing unless we tackle the hard problems as well as the easy ones. The problem that most concerns me here is that the key for permissions constrains applications in the way they deploy. If a popular browser does not key on the embedding origin, then provisions in the application for requesting permissions will be less able to handle being embedded in a browser the does key on the embedding origin. I don't decide this for Firefox, but I'd venture that we'd be willing to make changes to how permissions are keyed if that means that application developers and users get a more consistent experience. Maybe it's a decision we need to make on a per-API basis, but there aren't that many to work through. (My intuition is that the right answer is double-keys for all except notifications.) The changes to availability of features on insecure origins shouldn't have any impact on this. The intent there is to present consistent behaviour between browsers in the same way that I'm suggesting here. --- Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/55#issuecomment-163905952
Received on Friday, 11 December 2015 10:42:15 UTC