- From: Sominemo via GitHub <noreply@w3.org>
- Date: Tue, 22 Jul 2025 11:28:07 +0000
- To: public-device-apis-log@w3.org
Speaking of requirements, I vote for requiring the PWA to be added to the home screen for better user experience from three perspectives: **1. Making access to a sensitive feature ever so slightly harder might prevent abuse of the likes of Push+Notifications API** The point that was already made here is that the PWA requirement ever so slightly, but does make it harder to accidentally give such a permission to some rogue website. This is also Apple's solution in Safari to the common abuse of Web Push API. As noted above, it's a simple requirement to satisfy for a malicious actor, but considering implementers' rightful high scrutiny towards the feature, I think it is worth going with it to increase its chances. **2. Persistence in the user's mind** It is just harder to forget about the granted permission if you have the web app on your home screen. **3. Almost everyone knows how to delete an app** This allows us to reuse the already existing mental model users have: "If I delete an app, it can't track me anymore." Tying the permission to home screen is just an additional way to keep the user in control. --- I also wonder if this proposal implies compatibility with things like Push API and Web Periodic Background Synchronization API? I believe this is required for plenty of the mentioned use cases. It was mentioned here before that timing out defeats the purpose of this feature, so I assume it's expected to be used in pair with these APIs. -- GitHub Notification of comment by Sominemo Please view or discuss this issue at https://github.com/w3c/geolocation-sensor/issues/22#issuecomment-3102317536 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 22 July 2025 11:28:08 UTC