- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 27 Apr 2016 23:43:34 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc:
- Message-ID: <w3c/permissions/pull/91/r61379434@github.com>
> + <h3 id="storage-manipulation">Storage Manipulation Algorithms</h3>
> +
> + <p>
> + Other specifications can use the algorithms defined in this section to
> + manipulate the <a>permission store</a> from their algorithms.
> + </p>
> +
> + <div class="example" id="example-storage-manipulation">
> + <p>
> + The [[notifications]] API can check for the user having granted
> + permission using:
> + </p>
> + <blockquote>
> + If the {{"notifications"}} <a>permission's state</a> is not
> + {{"granted"}}, reject <var>promise</var> with a {{TypeError}} exception
> + and terminate these substeps.
Gecko used to have a domain-based permission model as well, even across HTTP/HTTPS. We recently fixed that to make it origin-based.
(My comment about `document.domain` was slightly misleading. With `document.domain` those settings objects can have different origins, period. They would compare as equal for "same origin-domain", but might not always do so, and I believe we typically use "same origin" for permissions though as you noted there is still some variance there.)
---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/pull/91/files/315ae14c94bbc7cc55126faa1dfb4d3a7a26e89a#r61379434
Received on Thursday, 28 April 2016 06:44:29 UTC