W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: Rechartering: Permissions API

From: Daniel Veditz <dveditz@mozilla.com>
Date: Wed, 12 Nov 2014 11:45:10 -0800
Message-ID: <5463B8C6.4010108@mozilla.com>
To: Mounir Lamouri <mounir@lamouri.fr>, public-webappsec@w3.org, hillbrad@gmail.com
CC: Marcos Caceres <w3c@marcosc.com>
On 11/12/2014 10:06 AM, Mounir Lamouri wrote:
> I would like to suggest to add permissions handling as part of the
> webappsec charter with one concrete deliverable being the  Permissions
> API specification.

Have you approached other working groups about this specification, and
if so what was their response? This isn't really a security feature (the
permissions themselves may be, but not just reading their state) so it
seems better suited for some place like public-webapps.

Is it necessary to distinguish between "denied" and "prompt"? If a
permission isn't already granted I'm not sure it's any of the page's
business whether I've denied them or not -- they should (try to) ask if
they want to know.

-Dan Veditz
Received on Wednesday, 12 November 2014 19:45:48 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:08 UTC