- From: Navarr Barnier <me@navarr.me>
- Date: Wed, 11 Jul 2012 23:35:58 -0400
- To: Jonas Sicking <jonas@sicking.cc>
- Cc: Doug Turner <dougt@dougt.org>, Anne van Kesteren <annevk@annevk.nl>, Web Notification WG <public-web-notification@w3.org>
- Message-ID: <CAD4Vo+6ucqKKsh=eNP3WRycOErRD3QK=hStcEXMJ1SmNhawxhA@mail.gmail.com>

This could easily be an implementation detail that isn’t necessary by the spec. While I’m only a developer offering his thoughts on the public forum, I’m not sure it’s a feature specification’s place to try to protect a user against every single thing a rogue web application can do.

That said, a custom implementation such as Chrome’s could display the site’s favicon in both the request and in the notification, but doing so won’t make a website that was engineered to look like Facebook any less dangerous. The important part that we should be alerting the user to (on permission request) is the URL - and again that's an implementation detail, I personally feel.

So long as implementers continue to utilize “by approval only”, users will be protected. “By approval only” is thereby a security feature. To that regard, attempting to add permissions based off of icons and adding multiple icons is unnecessarily complicating a simplistic API.

To the regards of different icons per resolutions, perhaps that would be better served with features such as canvas and SVG, the latter of which should already be treatable as an image by many web browsers(?).

-----
Navarr T. Barnier (熊軍平野)
me@navarr.me
http://navarr.me/

On Wed, Jul 11, 2012 at 11:23 PM, Jonas Sicking <jonas@sicking.cc> wrote:

> On Tue, Jul 10, 2012 at 9:13 AM, Doug Turner <dougt@dougt.org> wrote:
> >> The fact that icons and titles can be set on a per-notification basis
> >> makes it very easy to trick the user into thinking that a notification is
> >> coming from someplace other than where it's coming.
> >
> > fwiw, i think that this is a feature. Use case: Notifications from my
> > email provider would display the sender's image as the icon. Use
> > case two: Tweets including the user's image.
> >
> > Is it possible to support this case?
> >
> > Maybe it is useful to have two icons? One icon for the document that
> > is posting the notification, and one icon per-notification. This
> > would allow things like Twitter to have one icon for their application
> > and another icon per tweet. We might be able to derive the
> > application icon via the favicon or use the application icon for
> > 'installed web apps'.
>
> Technically having two icons is of course implementable on at least
> some platforms. But I'm not sure how we'd implement it on android for
> example which I *think* limits what we can put in a notification.
>
> I definitely agree that allowing the page to set the icon supports
> more good use cases. However I'm just not sure how to do it securely.
>
> / Jonas

Received on Thursday, 12 July 2012 03:37:37 UTC