Re: [w3c/permissions] feat(prompts): allow UAs to deny non-gesture prompts (#107)

@annevk please see https://github.com/w3c/permissions/issues/77 so we don't discuss this twice (it mentions at least [one use-case](https://github.com/w3c/permissions/issues/77#issuecomment-223095222)).

This was also discussed on an email thread with permission and UX people at Mozilla, where we found that deep linking (from bookmarks, links from chats and other sites) is a valid use-case for repeat visitors, which is made worse only for (most) Firefox users (since unlike Chrome, Firefox supports non-persistent grants, and offers it by default).

Importantly, it's not the *feature* that Google wants to restrict to a user gesture, only the (to them initial) permission prompt, so you won't hear them argue there are no use-cases.

In fact, I'm sure Google will continue to support e.g. geo-location on page-load for all repeat visitors (read: implicit persistent permission granters). The only losers are Firefox users who resist granting sites persistent access to their whereabouts (still most Firefox users, given it's default).

Will this help prevent permission spamming? In Chrome, yes (marginally, since the remedy is half-baked in that it likely only delays an inevitable prompt), because it detects first-time visits really well.

In Firefox, this dragnet fails to distinguish first-time visitors from privacy-minded visitors, so it hurts a segment that had nothing to do with spam.


---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/pull/107#issuecomment-234253734

Received on Thursday, 21 July 2016 13:33:11 UTC