Re: [battery] Allow use from within secure context and top-level browsing context only

Firefox's implementation was providing too much entropy, it doesn't mean that other implementations have to do tho same. I'm not sure how restricting the feature to top level browsing context is the right solution. The Battery API can be used by third party content for valid reasons. We can fix the privacy issues with the Battery API by reducing the entropy of the value shared with the web page instead of blocking the capability entirely. I believe the specification is already recommending implementations to be careful with this. Why do we need to block the API even more, making it pretty much useless in a lot of situations?

-- 
GitHub Notification of comment by mounirlamouri
Please view or discuss this issue at https://github.com/w3c/battery/issues/10#issuecomment-308107841 using your GitHub account

Received on Tuesday, 13 June 2017 13:01:10 UTC