- From: Pranjal Jumde via GitHub <sysbot+gh@w3.org>
- Date: Sun, 15 Nov 2020 01:25:37 +0000
- To: public-webauthn@w3.org
jumde has just created a new issue for https://github.com/w3c/webauthn: == Location extension returns the authenticator coordinates to RP without user consent == A user consent/permission prompt should be presented to the user before returning the coordinates to the relying party. Web-pages trying to retrieve information about user's current location when the user does not wish to reveal it for example: using vpn or tor - can use this to leak the current user-coordinates. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1517 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Sunday, 15 November 2020 01:25:39 UTC