- From: Samuel Weiler <weiler@w3.org>
- Date: Tue, 11 Aug 2020 19:15:03 -0400
- To: public-web-security@w3.org
- Cc: Fuqiao Xue <xfq@w3.org>, anssi.kostiainen@intel.com, reillyg@google.com
Magnus Nyström did this review and filed several issues at https://github.com/w3c/geolocation-api/issues. Thank you, Magnus. Others are welcome to chime in also. While I'm recruiting individuals to look at specs in some depth, more eyes are most welcome. -- Sam On 6/23/20 11:26 PM, Fuqiao Xue wrote: > Hi, > > The Devices and Sensors WG plans to publish a new REC of the Geolocation > API Specification and requests a security and privacy review. Here's the > current ED: > > https://w3c.github.io/geolocation-api/ > > This specification defines an API that provides scripted access to > geographical location information associated with the hosting device. It > is now maintained by the Devices and Sensors WG, and contains the > following substantive changes since the last REC: > > - Now Controlled by feature policy > - Fixed confusion around callback interfaces not being an EventHandler > - Only expose the API in SecureContexts > - Renamed the interfaces and dictionaries + removal of > [NoInterfaceObject] + [SameObject] annotation on geolocation attribute > > (Note that the DAS WG is also working on a new API based on the Generic > Sensor API: https://w3c.github.io/geolocation-sensor/ ) > > Here's a link to the Security and privacy considerations section: > https://w3c.github.io/geolocation-api/#security > > Please file issues at > https://github.com/w3c/geolocation-api/issues > > Thanks, > > Fuqiao >
Received on Tuesday, 11 August 2020 23:15:06 UTC