W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: Permissions API vs local APIs

From: Mounir Lamouri <mounir@lamouri.fr>
Date: Wed, 06 May 2015 19:38:02 +0100
Message-Id: <1430937482.1542520.263598017.69A80671@webmail.messagingengine.com>
To: Doug Turner <dougt@mozilla.com>, Jonas Sicking <jonas@sicking.cc>
Cc: Anne van Kesteren <annevk@annevk.nl>, Martin Thomson <mt@mozilla.com>, Miguel Garcia <miguelg@chromium.org>, Michael van Ouwerkerk <mvanouwerkerk@google.com>, Mike West <mkwst@google.com>, WebApps WG <public-webapps@w3.org>, WebAppSec WG <public-webappsec@w3.org>, marcos@marcosc.com
On Wed, 6 May 2015, at 19:07, Doug Turner wrote:
> > On May 6, 2015, at 11:00 AM, Jonas Sicking <jonas@sicking.cc> wrote:
> > 
> > FWIW, the permission API as it currently stands is pretty trivial to
> > implement. So I don't see a reason to delay until 2017 or even Q3
> > 2015.
> If the spec is ready to go (what’s anne’s worry), then lets implement it
> and remove the stuff from PushAPI.
> Marcos|Mounir, do you two have any thoughts on this?

I agree with Jonas: we should delegate the check to the Permissions API.
However, I don't see how I can enforce that if the Push API doesn't want
to. I would be more than happy to have the spec specify the
PermssionDescriptor for Push, FWIW.

-- Mounir
Received on Wednesday, 6 May 2015 18:38:28 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:49 UTC