Re: Geolocation header

On Fri, August 4, 2017 10:31, Luis Barguñó Jané wrote:

> The Geolocation API spec says
> permission should be acquired through a user interface and "The user
> interface must include the host component of the document's URI".

SHOULD doesn't mean MUST, so if dropping this
"ask interface", it is still conforming to the specs ...

> This is how browsers implement this today, following the spec.

today is nothing said about tomorrow ...

>> I bet by the answer of the following question ...
>> "From WHERE/HOW does a NON MOBILE know its location?"
>> it doesn't make any sense to have any geo location - neither API nor
>> header field - for user agents on non mobile devices ...

> Desktop browsers use WiFi

WiFi is a kind of mobile, I asked for non mobile ...

in other words, the server already knows the answer: IP address.

> There's clearly a legit use case on both mobile and desktop.

> Otherwise why
> would we have a standard for a JS geolocation API?

invalid question; this has to be interpreted this:

when you need geolocation, than use this API; nowhere is said, that you
have to use this at all ...

or is it forbidden to walk, even we have cars?

> There's ways
> to implement this header-based optimization that would not introduce any
> new privacy risk.

WOULD NOT doesn't mean WILL NOT, so it DOES introduce a new privacy risk.

Received on Friday, 4 August 2017 08:59:10 UTC