- From: Nick Doty <notifications@github.com>
- Date: Fri, 26 Aug 2016 14:24:32 -0700
- To: w3c/permissions <permissions@noreply.github.com>
Received on Friday, 26 August 2016 21:25:28 UTC
@annevk per conversation with @martinthomson above: it's true that added user convenience could be possible if browser profiles or some other UA feature were widely used to handle authentication. However, that doesn't happen often today. In the meantime, sites can use logic specific to their situation to indicate to a user agent that a permission shouldn't be persisted; for example, if they know that the current user is new to the site and its functionality. Clear Site Data isn't just for the use case of recovering from an attack. For example, see: [Section 1.1.1 Signing Out](https://w3c.github.io/webappsec-clear-site-data/#example-signout). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/46#issuecomment-242855596
Received on Friday, 26 August 2016 21:25:28 UTC