- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Tue, 24 Jan 2017 08:46:25 +0100
- To: Frederik Braun <fbraun@mozilla.com>
- Cc: "mark a. foltz" <mfoltz@google.com>, Richard Barnes <rbarnes@mozilla.com>, Francois Daoust <fd@w3.org>, WebAppSec WG <public-webappsec@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>, "Kostiainen, Anssi" <anssi.kostiainen@intel.com>
On Tue, Jan 24, 2017 at 8:29 AM, Frederik Braun <fbraun@mozilla.com> wrote: > Also, note that a user giving permission to a site in a non-secure > context will be surprised to note that this permission is leaking all > over the public wifis he's using. > > I wonder if a permission prompt on non-secure contexts is useful at all. I think doing such prompts on non-secure contexts devalues the overall security of prompts. Assuming that the user is carefully making the distinction and weighing their options is just not something we know to be true. -- https://annevankesteren.nl/
Received on Tuesday, 24 January 2017 07:46:56 UTC