W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2020

[geolocation-api] Restrict access to visible and user-activation-received frames (#48)

From: pes via GitHub <sysbot+gh@w3.org>
Date: Tue, 30 Jun 2020 03:06:50 +0000
To: public-geolocation@w3.org
Message-ID: <issues.opened-647817571-1593486409-sysbot+gh@w3.org>
pes10k has just created a new issue for https://github.com/w3c/geolocation-api:

== Restrict access to visible and user-activation-received frames ==
Geolocation functionality poses clear benefits and risks to user privacy.  In order to better distinguish the former from the latter, and prevent location from becoming an unknown ongoing tracking vector, the spec should require signals that the user is intentionally interacting with a frame before the frame can request location data (even for a frame that was previously given location permission).

Two common signals that should be incorporated into the spec are that frames need to be visible, and to have received a user activation before they can access location information, even if the frame was previously given permission.

Please view or discuss this issue at https://github.com/w3c/geolocation-api/issues/48 using your GitHub account
Received on Tuesday, 30 June 2020 03:06:52 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 30 June 2020 03:06:52 UTC