Re: [geolocation-api] Restrict access to visible and user-activation-received frames (#48) from engedy via GitHub on 2020-07-06 (public-geolocation@w3.org from July 2020)

From: engedy via GitHub <sysbot+gh@w3.org>
Date: Mon, 06 Jul 2020 13:49:21 +0000
To: public-geolocation@w3.org
Message-ID: <issue_comment.created-654250563-1594043360-sysbot+gh@w3.org>

We could also consider restricting geolocation access to active documents whose origin is same origin-domain with the currently focused area document. There are obviously compatibility risks here as well, partially overlapping with those associated with the user-activation-received requirement. Similarly to what we did before restricting APIs to secure contexts, we probably need to add telemetry to measure the expected breakage first.

-- 
GitHub Notification of comment by engedy
Please view or discuss this issue at https://github.com/w3c/geolocation-api/issues/48#issuecomment-654250563 using your GitHub account

Received on Monday, 6 July 2020 13:49:25 UTC