W3C home > Mailing lists > Public > whatwg@whatwg.org > April 2011

[whatwg] Proposal for a web application descriptor

From: Simon Heckmann <simon@simonheckmann.de>
Date: Sat, 30 Apr 2011 09:30:18 +0200
Message-ID: <2E930864-F4B7-436D-89A3-9108A360DEB9@simonheckmann.de>


Am 30.04.2011 um 01:41 schrieb Glenn Maynard <glenn at zewt.org>:

> On Fri, Apr 29, 2011 at 6:40 PM, Simon Heckmann <simon at simonheckmann.de>wrote:
> 
>>> Some challenges include:
>>> 
>>> *  how to justify the request to the user being asked to grant the
>> privileges
>>>    starting with a text string and a link to more information
>> 
>> Well, this is what I thought of: The users visit a website they have never
>> visited before. A notifications pops up allowing them to set all permissions
>> required for this page. The users might not trust the site yet so they do
>> not grant all permissions immediately.
> 
> 
> There's a more common issue: when you ask me for a bunch of permissions at
> once, I don't know why you want them.  This happens constantly with Android
> apps: you install a simple notepad or clock app, and it'll ask for Internet
> access and the ability to make phone calls, and you don't know why.
> 
> This is why--in general--I like the model so far: the user is asked for
> permission in response to actually doing something that uses a feature.  In
> the notepad app, you're asked for permission to access the internet when you
> select "sync notes to your desktop PC"; it's immediately obvious why it's
> asking for it.  (That's an Android example, of course, not a web app
> example.)
> 
> Hopefully the ultimate solution will deal with both, allowing UAs the option
> of asking all at once or on-demand, depending on the situation.  (Some
> permissions inherently have to be asked in advance, like Web Notifications,
> which doesn't happen in response to a user action.)
> 
> -- 
> Glenn Maynard
I agree: That is why the example you quote from my previous mail went on like this:
As the users continue to use the page, the web site could check the status of the permission using javascript and remind the user to rethink his permission settings: "This site would like to access your camera to scan for a barcode. If you want to use this feature, please use the global permissions dialog to set them." This way users that trust/know the application can give permissions directly while others might grant permissions one at the time. Thats why I like the idea of a consolidated dialog. The user could always quicky return to it and maintain all permissions at once. 
Received on Saturday, 30 April 2011 00:30:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:03 GMT