[w3c/permissions] Allow returning "prompt" rather than "denied" (Issue #388)

"denied" at times reveals information about prior visits that user agents might not be willing to expose. For certain permissions we might want to categorically outlaw it if all user agents are in agreement.

"denied" should be fine to return when it's the result of Permissions Policy or when lacking a secure context. I don't think that needs changing.

For other cases, user agents should be permitted to return "prompt", probably implementation-defined? But also, for certain permissions all implementations might be in agreement to not return "denied" (except as per above), such as "storage-access". The specification should provide infrastructure for that as well as it'll leave less up to implementations.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/388
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/permissions/issues/388@github.com>

Received on Tuesday, 25 October 2022 11:55:47 UTC