Re: Presentation API in non secure contexts

On Tue, Jan 24, 2017 at 8:29 AM, Frederik Braun <fbraun@mozilla.com> wrote:
> Also, note that a user giving permission to a site in a non-secure
> context will be surprised to note that this permission is leaking all
> over the public wifis he's using.
>
> I wonder if a permission prompt on non-secure contexts is useful at all.

I think doing such prompts on non-secure contexts devalues the overall
security of prompts. Assuming that the user is carefully making the
distinction and weighing their options is just not something we know
to be true.


-- 
https://annevankesteren.nl/

Received on Tuesday, 24 January 2017 07:46:56 UTC