- From: Owen Campbell-Moore via GitHub <sysbot+gh@w3.org>
- Date: Thu, 09 Mar 2017 16:50:49 +0000
- To: public-device-apis-log@w3.org
Thanks for filing this! >From a practical perspective, if there are extensions to the permissions API for each individual sensor then browsers can implement and decide to mark as granted if we feel that specific sensor doesn't warrant a permission. That way we have good interop between browsers that choose to permission, or not, these sensors. If a sensor is introduced in the future that a browser decides to permission, we can also do it for that one specifically which is nice. For example, if a sensor is introduced that creates a fingerprinting risk and no mitigations are available we may then choose to expose it only with a permission. My take away here is that some browsers may choose to expose some subset of the sensors possible without permissioning, for example the accelerometer and gyroscope and as note that these are already exposed via DeviceOrientation events. For that reason I think it would be better for the spec to say that browsers *may* require user permission for any sensors they wish and developers must always request permission before using one -- GitHub Notification of comment by owencm Please view or discuss this issue at https://github.com/w3c/sensors/issues/174#issuecomment-285409411 using your GitHub account
Received on Thursday, 9 March 2017 16:50:55 UTC