W3C home > Mailing lists > Public > public-geolocation@w3.org > August 2011

Re: Security issue of orientation events.

From: Dominique Hazael-Massieux <dom@w3.org>
Date: Thu, 18 Aug 2011 13:58:29 +0200
To: Wojciech Masłowski <wmaslowski@opera.com>
Cc: "public-geolocation@w3.org" <public-geolocation@w3.org>
Message-ID: <1313668717.2580.135.camel@altostratustier>
Le jeudi 18 août 2011 à 13:05 +0200, Wojciech Masłowski a écrit :
> I don't think so. Firstly user can use multiple other applications while 
> having a malicious site opened and visible.

I guess I really meant "active" rather than "visible".

> Apart from that it would seems rather weird to ask for permission to 
> monitor orientation events as you for example
>   switch the tab. At least I as a user would be quite surprised.

My idea was that you would have to use an additional parameter (or using
a different event name?) when registering your event listener to get
access to orientation events when your page is not visible, and that
this separate parameter/event would require user permission.

Received on Thursday, 18 August 2011 11:58:53 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:51:02 UTC