W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2013

Re: Allow ... centralized dialog up front

From: Florian Bösch <pyalot@gmail.com>
Date: Sat, 2 Feb 2013 11:26:56 +0100
Message-ID: <CAOK8ODj4KL-zXkUd4nDDk1iQdeyPvNRtn88Ahn06doyQ6OZ53Q@mail.gmail.com>
To: Keean Schupke <keean@fry-it.com>
Cc: Arthur Barstow <art.barstow@nokia.com>, Charles McCathie Nevile <chaals@yandex-team.ru>, Adrienne Porter Felt <adriennefelt@gmail.com>, WebApps WG <public-webapps@w3.org>
On Sat, Feb 2, 2013 at 11:16 AM, Keean Schupke <keean@fry-it.com> wrote:

> I think a static declaration is better for security, so if a permission is
> not there I don't think it should be allowed to request it later. Of course
> how this is presented to the user is entirely separate, an the UI could
> defer the request until the first time the restricted feature is used, or
> allow all permissions that might be needed to be reviewed and
> enabled/disabled in one place.
That kills any benefit a developer could derive. The very idea is that you
can figure out up front what your user is gonna let you do, and take
appropriate steps (not adding parts of the UI, presenting a suitable
message that the application won't work etc.) as well as that if a user has
agreed up front, that you can rely on that API and don't need to
double-check at every step and add a gazillion pointless
onFeatureYaddaYaddaAllowCallback handlers.
Received on Saturday, 2 February 2013 10:27:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:58 UTC