Re: Allow ... centralized dialog up front

On Fri, Feb 1, 2013 at 3:12 AM, Anne van Kesteren <> wrote:

> On Thu, Jan 31, 2013 at 2:18 PM, Florian Bösch <> wrote:
> > I would propose to centralize this and make it an up-front dialog
> remembered
> > for a site such that:
> That kind of bulk approach does not work. Users don't understand
> what's going on. (This has been discussed in the past too, I suggest
> you read the archives of this list, public-web-notifications maybe,
> and probably public-device-apis.)

A bulk dialog is also bad UX: it's asking for a bunch of permissions
independently of the user actually using them, so the user doesn't know why
the site is asking for it.  If you ask the user "this site wants to know
where you are" when they click a "show driving directions" button, it's
infinitely more obvious to the user *why* the site wants this
permission--because it relates to the thing they just clicked.

On Fri, Feb 1, 2013 at 8:29 AM, Florian Bösch <> wrote:

> Repetitive permission dialog popups at random UI-flows will not solve the
> permission fatique any more than a centralized one does.

It does, because they're being asked for permission in response to doing
something.  It's much clearer and less annoying to be asked "allow this app
to use your camera?" when you click the "take a picture and post it" than
to get a dialog with a big list of permission requests in advance, when you
don't know what features each permission is for or if you'll want to use
those features.

- extension of trust towards a site regardless of what they ask for (do I
> trust that Indie game developer? Yes! Do I trust google? No! or vice versa)

This is unrelated.  Browsers can give an "allow all permissions for this
site" option if they want.  I doubt they will, unless it's buried in an
options dialog somewhere or something.

- make it easy for developers not to add UI-flows into their application
> leading to things the user didn't want to give (Do we want a menu entry
> "save to local storage" if the user checked off the box to allow local
> storage? I think not.)

(I don't know what this means, but I think you're stretching a bit.)

- make it easy for developers to not waste users time by pretending to have
> a working application, which requires things the user didn't want to give.
> (Do we really want to offer our geolocated, web-camera using chat app to
> users who didn't want to give permission to to either? I think not. Do we
> want to make him find that out after he's been entering our UI-flow and
> been pressing buttons 5 minutes later? I think not.)

Of course you do; they simply use the chat app with geolocation and the
camera disabled.

If you want to say "this site requires access to your location", you don't
change the security model.  Just say it on the page.

Glenn Maynard

Received on Saturday, 2 February 2013 00:53:09 UTC