- From: cowwoc <cowwoc@bbs.darktech.org>
- Date: Tue, 17 Sep 2013 14:18:56 -0400
- To: public-media-capture@w3.org
On 17/09/2013 2:14 PM, cowwoc wrote:
> On 15/09/2013 8:07 PM, Silvia Pfeiffer wrote:
>> On Mon, Sep 16, 2013 at 8:54 AM, Harald Alvestrand
>> <harald@alvestrand.no> wrote:
>>> On 09/09/2013 04:02 PM, Stefan Håkansson LK wrote:
>>>> Putting my chair hat on,
>>>>
>>>> the discussion regarding adding an explicit "get access to media" call
>>>> seems to be leaning towards that this is something we should not do.
>>>>
>>>> Unless more people speak up saying they want this I will close the
>>>> bug,
>>>> with a comment saying there was not support to add this, later this
>>>> week.
>>>>
>>>> Stefan
>>>>
>>> Just to say a final word here:
>>>
>>> I feel that the arguments put forward by Anne, Robert and Martin are
>>> wrong.
>>> In trying to prevent a particular class of bad application behaviours,
>>> they are taking away the ability to write good applications that can do
>>> what's right for the user.
>>>
>>> I believe that having the asking for permissions be an action that is
>>> triggered explicitly by Javascript can give better user interfaces to
>>> better applications than having the triggering of the same asking for
>>> permission be implicit in a Javascript action whose purpose is
>>> something
>>> else can.
>>>
>>> We're sacrificing the ability to write great applications in order to
>>> make it harder to write bad ones.
>>>
>>> But I accept that my viewpoint, so far, has not found consensus in the
>>> group, and will accept my chair's decision to close the bug as
>>> WONTFIX /
>>> Working as intended, if that remains the position of the rest of the
>>> group.
>> I have a gut feeling that Harald is correct, but I don't have any data
>> to make a case yet.
>>
>> I hope the group will be open to reconsider introducing an explicit JS
>> permission call in future once we have more experience with the
>> current interface and whether or not it is sufficient.
>
> I'd like to suggest a possible compromise (borrowing the idea from
> Java):
>
> We continue prompting the user for individual permissions, but we
> add "Always trust this provider". By the time users get a second
> prompt, or visit the site a second time, they are likely to select
> this option which basically says "provide this provider with any
> permission they ask for".
>
> Users who want fine-grained control get it. Users who couldn't
> care less (your typical grandmother) will suppress all further
> checks. I don't think there is a value in asking "your grandmother"
> for permissions multiple times because (in my experience) they don't
> really read the prompt before confirming (due to user fatigue and lack
> of technical background) so providing this option isn't really a
> security hazard.
Or (probably even better) we prompt users for one permission at a
time, but give them the option to review all permissions and accept them
at once. It's a hybrid between Harald's proposal and Java's "Always
trust this provider".
It would look something like this: "foobar.com would like to use
your Webcam. [Accept] [Reject] [Review all permissions]"
Clicking on "Review all permissions" would bring up a panel similar
to Android, listing all permissions and allowing the user to grant them
all at once.
Gili
Received on Tuesday, 17 September 2013 18:19:34 UTC