W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2009

Re: Restricting API access

From: Andrei Popescu <andreip@google.com>
Date: Mon, 15 Jun 2009 17:23:24 +0100
Message-ID: <708552fb0906150923k39a5e685t1d61e148f2512758@mail.gmail.com>
To: Erik Wilde <dret@berkeley.edu>
Cc: "public-geolocation@w3.org" <public-geolocation@w3.org>
On Mon, Jun 15, 2009 at 5:19 PM, Erik Wilde<dret@berkeley.edu> wrote:
> my apologies for the confusion around this issue...
> Erik Wilde wrote:
>> that's really great to hear! and does that policy apply to 3rd party
>> scripts (i.e., not just iframes) as well? doug wrote that the current
>> implementations "do not restrict device apis to TLD - IFRAMEs are allowed to
>> access each geolocation", how does that relate to your comment that no such
>> access is possible?
> so they have *access to the API* but they need permission to get the
> location information from it, right? which means the only issue that's left
> is that once i have granted one of these 3rd parties access via one site
> that used that 3rd party, it will have access to the API even when i access
> the same 3rd party through a different site, right? that's definitely far
> less troublesome, i am glad to hear that!

That's right.

Received on Monday, 15 June 2009 16:24:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:56 UTC