[w3c/permissions] One time permissions: exposing and specifying grant type (Issue #418)

We've received feedback on the two following items, and wanted to share our view as well as request others' view on them.

> Should we expose whether the user decided to grant ephemerally or persistently?

We are worried about potential dark patterns that exposing this information would enable. For example, a website may decide to not accept an ephemeral grant at all. This would negatively impact the privacy benefits that one-time permissions provide. While there may be use cases where a site can use this information to improve the user experience, we believe that the risks outweigh the benefits.

> Should navigator.permissions.request() allow specification of grant type?

Supporting the ability to request one-time grants only (i.e. showing no permanent grant option on the prompt), is privacy-positive, and something that we would be open to support. In case of API changes here, we believe only grant type restrictions towards more privacy preserving should be explored.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/418
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/permissions/issues/418@github.com>

Received on Monday, 14 August 2023 11:41:37 UTC