W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: Permissions API vs local APIs

From: Michael van Ouwerkerk <mvanouwerkerk@google.com>
Date: Wed, 6 May 2015 10:59:07 +0100
Message-ID: <CAF40kP6==r5iTUpcN0YzfsaGk1bd6vjcKDL7Gs6n6D+3v-cwQg@mail.gmail.com>
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Mike West <mkwst@google.com>, Jonas Sicking <jonas@sicking.cc>, WebApps WG <public-webapps@w3.org>, WebAppSec WG <public-webappsec@w3.org>
On Wed, May 6, 2015 at 6:25 AM, Anne van Kesteren <annevk@annevk.nl> wrote:

> On Wed, May 6, 2015 at 12:32 AM, Mike West <mkwst@google.com> wrote:
> > I agree with Jonas. Extending the permission API to give developers a
> single
> > place to check with a single consistent style seems like the right way to
> > go.
>
> Yet others at Google are pushing the expose them twice strategy...
> Perhaps because the Permissions API is not yet ready?
>

Yes, we wanted to ensure this is in the Push API because that seems to have
more implementation momentum from browser vendors than the Permissions API.
We didn't want developers to do hacky things in the meantime. I agree that
once the Permissions API has critical mass, that should be the single place
for checking permissions.

Regards,

Michael



>
> --
> https://annevankesteren.nl/
>
>
Received on Wednesday, 6 May 2015 09:59:35 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC