[w3c/permissions] Delineate relationship between Permissions and Feature Policy (#176) from =JeffH on 2018-05-15 (public-webapps-github@w3.org from May 2018)

From: =JeffH <notifications@github.com>
Date: Tue, 15 May 2018 15:12:48 -0700
To: w3c/permissions <permissions@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/permissions/issues/176@github.com>

Over in wicg.discourse.io, [ian_clelland writes in response](https://discourse.wicg.io/t/relationship-of-permissions-feature-policy-origin-policy/2772/3?u=equalsjeffh-pp) to [a query regarding the relationship between Permissions and Feature Policy](https://discourse.wicg.io/t/relationship-of-permissions-feature-policy-origin-policy/2772?u=equalsjeffh-pp):

> Fundamentally, [Permissions](https://w3c.github.io/permissions/) is about the user, while [Feature Policy](https://wicg.github.io/feature-policy/) is about the web developer / site owner.

> The Permissions API provides a method for pages to request permission from the user for certain APIs. If the page is allowed to request permission, then the user can choose to grant / deny.

> Feature policy lets developers control which pages/frames are allowed to request permission. By default, scripts running in top-level pages (not inside of <iframes>) have the ability to request permissions from the user, while cross-origin pages in frames are not allowed to request permissions.

I made [the query](https://discourse.wicg.io/t/relationship-of-permissions-feature-policy-origin-policy/2772?u=equalsjeffh-pp) because the above, to me at least, is not clear in the Permissions spec.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/176

Received on Tuesday, 15 May 2018 22:13:10 UTC