W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2016

Re: Permissions store

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 18 Aug 2016 19:38:58 +1000
Message-ID: <CABkgnnXeOxk98Ham3-nRhiH0ePjvqbKZAXZJxzVP9WM7Qc8O5g@mail.gmail.com>
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Raymes Khoury <raymes@google.com>, Martin Thomson <mt@mozilla.com>, Jeffrey Yasskin <jyasskin@google.com>, WebAppSec WG <public-webappsec@w3.org>, Marcos Caceres <marcos@marcosc.com>, Mounir Lamouri <mlamouri@google.com>, Ben Wells <benwells@google.com>
On 18 August 2016 at 17:44, Anne van Kesteren <annevk@annevk.nl> wrote:
> This is exactly the kind of thing that is problematic. Since if a UA
> ships that and sites come to depend on it, other UAs will have to
> copy. Requiring changes to the standard for such practices is a good
> way to keep everyone informed of competitive pressures.


It almost sounds like you want to be able to receive an event when
this happens.  Because rejection of a previously granted permission is
entirely asynchronous with anything that is happening on a page.  And
it currently manifests in different ways.  The same applies to any
change in state.

What makes an event potentially difficult is that I can imagine cases
where these changes - like that cat in the box - aren't necessarily
visible until you ask.
Received on Thursday, 18 August 2016 09:39:26 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:21 UTC