Re: [w3c/permissions] "Requesting more permission" algorithms are tightly coupled to prompts (#153)

**Summary of Issue #153** (Thanks ChatGPT)

**Context:**  
This issue revolves around whether the Permissions specification should explicitly require that permission requests be made only after direct user interaction (e.g., a click) rather than immediately on page load or without user initiation.

**Key Points:**

1. **User Interaction as a Prerequisite:**  
   Some participants suggested that the spec mandate that permission prompts occur only following direct user action, thereby preventing premature or contextless permission requests.

2. **Existing Browser Heuristics:**  
   Browsers already employ their own strategies. For instance, many browsers delay or gate permission prompts until after a user interaction to improve UX. These heuristics vary and are often updated as browser vendors experiment.

3. **Challenges in Standardization:**  
   Standardizing such gating is complex. The discussion highlighted that different user agents have different approaches, and encoding a strict rule in the specification could hinder flexibility and innovation.

4. **Leaving it to User Agents:**  
   The consensus leaned toward not mandating interaction requirements within the spec itself. Instead, the specification remains neutral, allowing each browser to implement and refine their own protective measures.

**Conclusion:**  
No normative changes were agreed upon. The spec will not prescribe user interaction gating, leaving that decision to user agents. Consequently, there are no new actionable items or spec-level updates arising from this issue.


-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/153#issuecomment-2555851440
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/permissions/issues/153/2555851440@github.com>

Received on Thursday, 19 December 2024 22:04:27 UTC