- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Mon, 17 Aug 2015 21:34:29 +0000
- To: public-web-nfc@w3.org
For the record, the policies user agents (currently) should implement are: - to use the API a page must be visible and in focus (currently) - reading web tags is ok (but should currently obtain permission for using the API) - reading non-web tags must obtain user permission - beams must always be web tags - writing non-web tags should fail with error - writing web tags should obtain user permission - even when user permission is obtained, writing web tags is only permitted if the writer page origin is sub-domain match of web tag scope (it was meant to be described in the send() step 6 but needs to be expressed more clearly). This last one is challenged, because - the user (permission) should be able to override this, and - #2 actually does not mandate it, as it is concerned only with the other policies above. So I think we could relax the last policy, making scope informative (which origin has written/sent the data). But let me fix the latest number of issues and return to this bit later. -- GitHub Notif of comment by zolkis See https://github.com/w3c/web-nfc/issues/32#issuecomment-131968759
Received on Monday, 17 August 2015 21:34:30 UTC