W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: Permissions API vs local APIs

From: Miguel Garcia <miguelg@chromium.org>
Date: Wed, 6 May 2015 17:34:51 +0100
Message-ID: <CAGTrua3G=-A_=OL09obw+dVeP6QLAuPS55=cTLRx+Xu_BQcm7Q@mail.gmail.com>
To: Doug Turner <dougt@mozilla.com>
Cc: Anne van Kesteren <annevk@annevk.nl>, Jonas Sicking <jonas@sicking.cc>, Martin Thomson <mt@mozilla.com>, Michael van Ouwerkerk <mvanouwerkerk@google.com>, Mike West <mkwst@google.com>, WebApps WG <public-webapps@w3.org>, WebAppSec WG <public-webappsec@w3.org>
Notifications has it (as a property instead of a method which is a pain).

I think that once the permissions API has shipped in both Mozilla and
Chrome we should get future APIs to use it exclusively. Push seems to be a
bit border line given the timeline so I think we should just implement in
both places.

On Wed, May 6, 2015 at 5:00 PM, Doug Turner <dougt@mozilla.com> wrote:

> The way I would look at this is based on timeframe — if we’re not
> implementing the Permissions API until 2017 or something, i’d just leave
> the functionality in the PushAPI spec.  If the Permission API is right
> around the corner, I would remove it form the PushAPI spec.
>
> Do any other APIs have a permission check function in their interface?
> Geo doesn’t (which shares a similar permission model).
>
>
>
>
>
> > On May 6, 2015, at 8:39 AM, Anne van Kesteren <annevk@annevk.nl> wrote:
> >
> > On Wed, May 6, 2015 at 5:33 PM, Jonas Sicking <jonas@sicking.cc> wrote:
> >> I think Mozilla would be fine with taking the permission API as a
> >> dependency and implement that at the same time. Implementing the
> >> permission API should be fairly trivial for us.
> >>
> >> But we should verify this with the people actually working on the push
> API.
> >>
> >>> On Wed, May 6, 2015 at 10:59 AM, Michael van Ouwerkerk
> >>> <mvanouwerkerk@google.com> wrote:
> >>>> Yes, we wanted to ensure this is in the Push API because that seems to
> >>>> have more implementation momentum from browser vendors than the
> Permissions
> >>>> API. We didn't want developers to do hacky things in the meantime. I
> agree
> >>>> that once the Permissions API has critical mass, that should be the
> single
> >>>> place for checking permissions.
> >
> > Martin, Doug?
> >
> >
> > --
> > https://annevankesteren.nl/
>
>
Received on Friday, 8 May 2015 02:25:03 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC