Re: [w3c/permissions] Define a permission store (closes #384) (PR #390) from Mike Taylor on 2022-11-30 (public-webapps-github@w3.org from November 2022)

From: Mike Taylor <notifications@github.com>
Date: Wed, 30 Nov 2022 06:18:40 -0800
To: w3c/permissions <permissions@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/permissions/pull/390/review/1177720296@github.com>

@miketaylr commented on this pull request.



> @@ -278,6 +278,93 @@ <h3>
           reset because its [=permission/lifetime=] has expired.
         </p>
       </section>
+      <section>
+        <h3>
+          Permission Store
+        </h3>
+        <p>
+        The user agent maintains a single <dfn class="export">global permission store</dfn> which is a list of [=permission store entries=].
+        The user agent removes [=entries=] from the list when their respective [=permission=]'s [=permission/lifetime=] has expired.
+        </p>
+        <p class="issue">
+        We should still allow UAs flexibility in giving out permissions with smaller scope and lifetime (e.g. per-tab) in some form. There should generally still be enough room for exploration here.

(we should file an issue for this, rather than only have an inline issue)

> +            Takes an [=environment settings object=], and returns a new [=permission key=].
+            If unspecified, this defaults to the <a>default permission key generation algorithm</a>.
+            A feature that specifies a custom [=powerful feature/permission key generation algorithm=] MUST also specify a
+            [=powerful feature/permission key comparison algorithm=].
+          </p>
+          <p>
+            The <dfn class="export">default permission key generation algorithm</dfn>,
+            given an [=environment settings object=] |settings|, runs the following steps:
+          </p>
+          <ol class="algorithm">
+            <li>
+              Return |settings|'s [=environment/top-level origin=].
+            </li>
+          </ol>
+          <aside class="note" title="Permission Delegation">
+            Most powerful features grant permission to the top-level origin and delegate access to the requesting document via [[[webappsec-permissions-policy]]].

I think this reference is the cause of the build error, you probably want `[[[permissions-policy-1]]]` (see https://www.specref.org/?q=permissions-policy)

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/pull/390#pullrequestreview-1177720296
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/permissions/pull/390/review/1177720296@github.com>

Received on Wednesday, 30 November 2022 14:18:52 UTC