- From: Martin Thomson <notifications@github.com>
- Date: Mon, 26 Oct 2015 18:31:49 -0700
- To: heycam/webidl <webidl@noreply.github.com>
Received on Tuesday, 27 October 2015 01:32:17 UTC
I think that this should be an exposure change, and not a variation in implementation. That is, interfaces, attributes and methods annotated with `[SecureContext]` should not be visible to content. Two reasons: one is that it allows us to remove attributes (e.g., `Window.crypto.subtle`) and interfaces as well as methods. Second being that this then relies instead on feature detection rather than error handling. In general, I think that apps treat absent features very differently to failing features. Critically, if `getUserMedia()` were to be annotated in this fashion (as Chrome is doing), then you only learn that it is broken in this fashion when you call it. However, calling `getUserMedia()` has side-effects that a site might try to avoid: the permission prompt. --- Reply to this email directly or view it on GitHub: https://github.com/heycam/webidl/pull/65#issuecomment-151336567
Received on Tuesday, 27 October 2015 01:32:17 UTC