Re: [rtcweb] Conditions for long-term permissions grants

I think we should follow the precedent that has been set for this sort of
thing on mobile devices, namely that apps ask for consent the first time
they need the camera, and this permission is stored, as mentioned in
http://useyourloaf.com/blog/2014/07/16/ios-8-camera-privacy-settings.html.

Obviously we would only want to do this for HTTPS sites; for HTTP, access
should not be persisted, which provides a nice nudge towards use of HTTPS.

On Tue, Mar 10, 2015 at 8:27 AM, Stefan HÃ¥kansson LK <
stefan.lk.hakansson@ericsson.com> wrote:

> On 10/03/15 16:23, Anne van Kesteren wrote:
> >> My personal view is that it would still be nice to require sites to ask
> >> for persistent permissions if they want them and that there should be a
> getUserMedia()
> >> flag to indicate that.
> >
> > None of the other APIs around permissions have this. Also, given
> > users' tendency to click through dialogs, having non-persistent as
> > default and persistent through a more active action seems better.
>
> Personally I agree to that a more active action should be required to
> get a persistent permission. Would we (if people agree) need to put that
> in the document, or will implementations converge here anyway?
>
>
>

Received on Tuesday, 10 March 2015 18:51:03 UTC