- From: raymeskhoury <notifications@github.com>
- Date: Fri, 22 Sep 2017 17:32:35 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/permissions/issues/158/331589638@github.com>
Just to share my 2c on request(): 0) I've come to the view over some time that having a generic request could be a useful thing if designed well. 1) There's a lot of history to it, so I think making progress is going to require a fresh look at it, the problems it addresses and the tradeoffs. We need to go about the discussion in a different way than in the past and I think we would benefit from someone championing it and an explainer document. 2) I agree with @annevk in that starting with an API that is specified for a small subset of permissions would be a good approach. 3) I feel quite strongly that we should avoid a request function that has no return value. The result of requesting access should be a handle to the capability which was requested. There's 2 reasons why I feel strongly about that: a) Because it makes API usage very clear to developers b) Because it gives UAs full control over the scope of the permission grant and it makes that scope very clear to developers. It deals with a concern previously raised that request() would not support a single-use permission prompt model. (3) may mean that request() does not fit in with the current design of many APIs but I think we need to think about the direction we want to head in the future and then consider how/whether to move older APIs to that future. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/158#issuecomment-331589638
Received on Saturday, 23 September 2017 00:32:57 UTC