- From: Steve Block <steveblock@google.com>
- Date: Thu, 10 Nov 2011 15:41:49 +0000
- To: Simon Pieters <simonp@opera.com>
- Cc: public-geolocation <public-geolocation@w3.org>
> However, what to show in the UI is not necessarily > the same as what to use as the "key" when storing the permission. Agreed. The spec says nothing about the latter. > Chrome > uses origin (actually a pair of origins if the page is embedded in a > cross-origin iframe), while Firefox uses the domain name, and Opera > currently uses the domain name also. Right, these are all compliant because they are at least as strict as required by the spec - the user is shown the host before the location is released to the document. I don't see any need to force UAs to adopt a particular policy, as long as they meet the minimum requirements. > No. "entry script" is still the outer script in this case, I think. Ah, yes, you're right. I missed the text 'This algorithm is not invoked by one script calling another.' when the HTML5 spec defines jumping to a code entry point [1]. [1] http://dev.w3.org/html5/spec/Overview.html#jump-to-a-code-entry-point Thanks, Steve -- Google UK Limited Registered Office: Belgrave House, 76 Buckingham Palace Road, London SW1W 9TQ Registered in England Number: 3977902
Received on Thursday, 10 November 2011 15:42:27 UTC