- From: ShijunS <notifications@github.com>
- Date: Tue, 30 Aug 2016 10:32:47 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Message-ID: <w3c/permissions/issues/124@github.com>
Here are some questions on the query() method - some might just be implementation issues, while others might need further consideration in the spec. @jyasskin, it'd be nice to know your takes on them. - When a device is removed from the system, would that be any onchange event fired? There seems no valid state in that case for that device. - When a persistent permission is stored for a device class, would temporarily unplugging all devices in the class change anything to permission state? - When a device is removed from or added to the system, the permission state for the device class can potentially change. How would the apps distinguish the change and actual permission changes by the users manually? - In a per-use permission mode, if a device is in use based on a user granted (one-time) permission, what will be the permission state returned by query()? What will it mean for the next access to the same device if it returns "granted"? Or, how would app tell the difference if the returned value is not "granted" while the device is actually being used? BTW, is there any security concern for apps to silently detect a granted permission - especially any per-use or short-term permissions? Meanwhile, it'd be quite awkward if query() triggers a permission UI to allow the page to query. I expect the security experts here must have given thoughts on this one already, wonder if anyone could point me to discussions in the mailing list or github. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/124
Received on Tuesday, 30 August 2016 19:31:47 UTC