Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.) from Chris Palmer on 2014-12-09 (public-webappsec@w3.org from December 2014)

From: Chris Palmer <palmer@google.com>
Date: Tue, 9 Dec 2014 11:35:16 -0800
To: Mike West <mkwst@google.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Mark Watson <watsonm@netflix.com>, "public-geolocation@w3.org" <public-geolocation@w3.org>, "Nottingham, Mark" <mnotting@akamai.com>
Message-ID: <CAOuvq215FcbCwPms-sPi9jchgEzWGsVJGvfVpGv4pA+1SCOJgg@mail.gmail.com>

On Tue, Dec 9, 2014 at 6:39 AM, Mike West <mkwst@google.com> wrote:

> I took a stab at this in
> https://w3c.github.io/webappsec/specs/powerfulfeatures/#restrictions.
> Feedback?

"""If result is Insecure, then [insert something appropriate here:
perhaps you could reject a Promise, call an error callback, deny a
permission request, etc.]."""

How about:

"""If result is Insecure, then the callee could for example reject the
Promise, callback a caller's error handler, deny a permission request,
or return an empty or lower-resolution result object."""

Received on Tuesday, 9 December 2014 19:35:45 UTC