- From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
- Date: Wed, 9 Aug 2017 01:12:39 +0000
- To: Luis Barguñó Jané <luisbargu@gmail.com>, "Walter H." <Walter.H@mathemainzel.info>
- CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Could you simplify the path aspects of this to perhaps address some of the privacy concerns? I'm thinking, coin a new .well-known address for geolocation and restrict UAs to only send request header there. This makes it harfer to proliferate the header unintentionally. This is still subject to origin level agreement and server asking for information. Lucas ________________________________________ From: Luis Barguñó Jané [luisbargu@gmail.com] Sent: 08 August 2017 21:41 To: Walter H. Cc: ietf-http-wg@w3.org Subject: Re: Geolocation header after the 3rd question you will allow it for the whole site, believe me ... otherways the non existence of a serious use case is just proven ... The permission is per-origin, so no need for a 3rd question. The permission is the same as the JS API. and the optimization you are talking about doesn't really make any sense, when you are talking serious about the problems you're raising ... I'm still not sure I understand the tone of your replies, instead of a constructive attitude. Regardless of the content we are discussing, I never said what you mention "doesn't make any sense", even if I don't agree. Because that goes beyond respect. I still think two roundtrips to one roundtrip makes sense, and probably others who care about the internet agree. And back to the concern you have. See sentence in the document I sent: "Consider: The Geolocation header MUST only be sent when the request is for a page loaded in a top level frame." If we decide to include this, the scenario you are describing is just gone? ----------------------------- http://www.bbc.co.uk This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received. Further communication will signify your consent to this. -----------------------------
Received on Wednesday, 9 August 2017 01:13:05 UTC