- From: Daniel Veditz <dveditz@mozilla.com>
- Date: Wed, 12 Nov 2014 11:45:10 -0800
- To: Mounir Lamouri <mounir@lamouri.fr>, public-webappsec@w3.org, hillbrad@gmail.com
- CC: Marcos Caceres <w3c@marcosc.com>
On 11/12/2014 10:06 AM, Mounir Lamouri wrote: > I would like to suggest to add permissions handling as part of the > webappsec charter with one concrete deliverable being the Permissions > API specification. Have you approached other working groups about this specification, and if so what was their response? This isn't really a security feature (the permissions themselves may be, but not just reading their state) so it seems better suited for some place like public-webapps. Is it necessary to distinguish between "denied" and "prompt"? If a permission isn't already granted I'm not sure it's any of the page's business whether I've denied them or not -- they should (try to) ask if they want to know. -Dan Veditz
Received on Wednesday, 12 November 2014 19:45:48 UTC