Re: [geolocation-api] Restrict access to visible and user-activation-received frames (#48)

We could also consider restricting geolocation access to active documents whose origin is same origin-domain with the currently focused area document. There are obviously compatibility risks here as well, partially overlapping with those associated with the user-activation-received requirement. Similarly to what we did before restricting APIs to secure contexts, we probably need to add telemetry to measure the expected breakage first.

-- 
GitHub Notification of comment by engedy
Please view or discuss this issue at https://github.com/w3c/geolocation-api/issues/48#issuecomment-654250563 using your GitHub account

Received on Monday, 6 July 2020 13:49:25 UTC