- From: Matt Giuca <notifications@github.com>
- Date: Tue, 15 Sep 2020 18:12:18 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 16 September 2020 01:12:30 UTC
The difference between the pointer lock and the install prompt APIs is that the latter can be used to establish a permanent presence on the user's machine, whereas a pointer lock (while annoying), doesn't have any long-term side effects once the user escapes out of it (and, on Chrome at least, we show UI to tell the user how to get out of it). To be clear, the reason we regulate access to the install prompt is less to do with the modality of the dialog, but the consequence to the user if they just accept it without thinking. (Note: Installation generally doesn't grant extra permissions, but it does put the app on the user's system, which provides future opportunities for spoofing as it will be launched without browser UI.) A closer analogy is the notifications permission, which also establishes a permanent presence on the user's machine. And that certainly _is_ being abused, in large numbers. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/627#issuecomment-693110933
Received on Wednesday, 16 September 2020 01:12:30 UTC