W3C home > Mailing lists > Public > public-web-notification@w3.org > July 2012

Re: renamed iconUrl to icon

From: Jonas Sicking <jonas@sicking.cc>
Date: Wed, 11 Jul 2012 20:27:39 -0700
Message-ID: <CA+c2ei_-JMktPZrG=noXfwx16C1Nt1on7Bf0UK0nQiONZHg5PQ@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: Anne van Kesteren <annevk@annevk.nl>, Web Notification WG <public-web-notification@w3.org>
On Tue, Jul 10, 2012 at 9:14 AM, Ian Hickson <ian@hixie.ch> wrote:
> On Tue, 10 Jul 2012, Jonas Sicking wrote:
>> One way to address all of the above problems is to require that an icon
>> URL is specified when the requestPermission function is called. That way
>> multiple URLs, and the implementation can display the icon when the
>> permission is requested, meaning that the user can review the icon that
>> will be used at the same time as the permission grant is happening. It
>> also allows the implementation to download all icons up front, meaning
>> that no network requests has to happen when a notification is displayed.
>> However this is a pretty big change to the API which we realize is
>> problematic.
> The ideal permission UI, IMHO, is one where the first time a site pops up
> a notification, it is constrained to appearing within its own frame (i.e.
> can't do anything more than it could do anyway with a positioned <div>),
> and somewhere on that notification is a button that "pops out" the
> notification to the system level, after which notifications from that
> origin can go to the system level (and similarly a button on the popped
> out notifications can revoke this permission).

Like Andrew, I don't think you could build a good user experience with
that solution.

I agree that showing notifications in-page is a good solution for
pages that tries to bring up notifications before the user has given
permission to open out-of-page. However I think we need a way for a
page to explicitly ask for permission to open out-of-page
notifications before it needs to actually notify the user.

> We could solve the spoofing icon problem by making this permission be
> scoped to the specific icon being displayed -- whenever the icon changes,
> either because its URL changed or because the image at that URL changed,
> then you implicitly cancel the permissions grant.

This would result in too many permission requests to really solve the
use-case of wanting to display the avatar of your chatting partner in
a chatting web app.

> Regarding the multiple icons issue, I recommend an approach similar to
> image-set() in CSS, srcset="" in HTML, or <link rel=icon sizes> in HTML,
> depending on what the exact requirements are.

This might work, but only solves one of the issues listed in the original email.

/ Jonas
Received on Thursday, 12 July 2012 03:28:38 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:53:14 UTC