W3C home > Mailing lists > Public > public-secondscreen@w3.org > May 2016

Re: [presentation-api] User Data Controls in Web Browsers guidelines

From: François Daoust via GitHub <sysbot+gh@w3.org>
Date: Wed, 18 May 2016 15:02:46 +0000
To: public-secondscreen@w3.org
Message-ID: <issue_comment.created-220054969-1463583765-sysbot+gh@w3.org>
I reviewed the [User Data Controls in Web 
Browsers](https://gist.github.com/mnot/96440a5ca74fcf328d23) document.
 I have three comments on the document itself:

1. It does not mention permissions exposed to the Permissions API in 
parts of the Web platform affected by Site Data Controls, which could 
persist from one browsing session to another. If it's on purpose, I 
don't understand why.
2. I failed to understand why AppCaches were listed in Site Data 
Controls and not in Local Data Controls together with HTTP caches 
initially, until I remembered that AppCache also comes with an 
Application cache API that exposes the cache status to the app. It 
might be worth clarifying that in the document. And if there's another
 reason, I missed it...
3. I'm not entirely clear whether we can reference the common user 
data controls identified in Appendix A, namely "Clearing Site Data" 
and "Privacy Mode", e.g. to say "Create a new top-level browsing 
context C set to display content on D in privacy mode" in an 
algorithm.

The classification into "Site Data Controls", "Local Data Controls" 
and "Network Data Controls" seems useful, otherwise. For instance, in 
the Presentation API, most of the discussions we had to describe the 
private mode for the receiving browsing context were on "Site Data 
Controls" (although "Local Data Controls" could also be relevant).

The recommendation that I think we need to discuss at the F2F is:

> Specifications SHOULD NOT detail interaction with specific user data
 controls, because their nature tends to change over time.
> Specifications MAY illustrate the effects of user data controls and 
suggest (but not require) interactions with them.

This seems to suggest that specific steps in the Presentation API 
algorithm to [create a receiving browsing 
context](http://w3c.github.io/presentation-api/#dfn-create-a-receiving-browsing-context)
 that reference cookies, local storage, etc., should rather be turned 
into informative guidance.

(I also note that this algorithm does not reference some of the 
technologies listed in the "Site Data Controls" category such as 
AppCaches, and ServiceWorkers).

-- 
GitHub Notification of comment by tidoust
Please view or discuss this issue at 
https://github.com/w3c/presentation-api/issues/275#issuecomment-220054969
 using your GitHub account
Received on Wednesday, 18 May 2016 15:02:48 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 18 May 2016 15:02:48 UTC