- From: Charles Pritchard <chuck@jumis.com>
- Date: Thu, 30 Jun 2011 13:59:51 -0700
- To: Dominique Hazael-Massieux <dom@w3.org>
- CC: public-device-apis@w3.org
On 6/30/2011 7:31 AM, Dominique Hazael-Massieux wrote: > Hi, > > Robert O'Callahan just published a blog post on the risks/advantaged of > bundled permissions for Web applications: > http://weblogs.mozillazine.org/roc/archives/2011/06/permissions_for.html > recommending overall *against* bundling them. > > I thought I would share the link since that's potentially relevant to > our work on the permissions API. > > Dom "One wrinkle is that lazy app developers can turn the 'permissions in context' model back into the "bundled permissions" model by activating APIs up-front and refusing to let the application proceed until all requests are granted. My hope is that if most apps don't behave that way, users will develop higher expectations and be distrustful of lazy apps." I've made that mistake before, with detection for web storage. It's a little tricky, in that, we want to check to see whether or not the user has Web SQL / FileSystem / IDB storage enabled and content in it, so we know whether to load that content onto the screen. The obvious fix is to store that information in a less obtrusive place: localStorage. I should have written something like localStorage.hasSql = true, for clients which have enabled SQL storage during a save/open-file procedure in a prior session. Feature testing it ahead of time doesn't work, as the feature test may trigger a permissions request. -Charles
Received on Thursday, 30 June 2011 21:00:35 UTC