Re: [w3ctag/design-reviews] Web Share API (#179)

@cynthia 
> Seems to be a pretty significant detail, but is in a non-normative section. I think it would be best to make that normative.

It's also in normative text, in [§2.1.1.3.2](https://wicg.github.io/web-share/#share-method): "Present the user with a choice of one or more share targets, selected at the user agent's discretion." This unambiguously requires the UA to present a dialog. It's re-stated in the security considerations section in order to highlight it as a strict requirement and explain that there is a security reason for this (so an implementor won't just go "oh hey, `if (num_targets == 1) { /* skip dialog */ }`".

> Additionally, I think for how it should behave on privacy mode could be easier for implementors if the spec strongly recommends one option over another rather than propose implementations doing either this or that.

Do you refer to the security consideration "Implementors should carefully consider what information is revealed in the error message when navigator.share is rejected."? I deliberated this a lot after David suggested this as a privacy issue. I don't think it makes sense for the spec to mandate this one way or the other. On some platforms there will be no privacy risk whatsoever, for example, on Chrome for Android we will just send an intent so if there are no apps we won't even know, and on other platforms we may always guarantee there is at least one option ("copy to clipboard"). It's up to the user agent to decide whether there is a privacy risk here, and also to provide the most useful error messages which could also be platform-specific.

> Will the spec itself go into a rec track document in web platform for example?

I hope so, but we haven't reached out to a standards group yet.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/179#issuecomment-306663373