Re: [geolocation-api] Restrict access to visible and user-activation-received frames (#48)

Thanks for filling the Gecko bug @kdzwinel. 

>  Two common signals that should be incorporated into the spec are that frames need to be visible,

I think we should definitely spec this one... 

>  and to have received a user activation before they can access location information, even if the frame was previously given permission.
 
This can probably be handled by the UA (see how Firefox dealt with push notifications), as this would break too much stuff. 



-- 
GitHub Notification of comment by marcoscaceres
Please view or discuss this issue at https://github.com/w3c/geolocation-api/issues/48#issuecomment-661564438 using your GitHub account

Received on Tuesday, 21 July 2020 02:12:09 UTC