- From: Robert O'Callahan <robert@ocallahan.org>
- Date: Sat, 30 Apr 2011 21:23:38 +1200
On Sat, Apr 30, 2011 at 11:41 AM, Glenn Maynard <glenn at zewt.org> wrote: > This is why--in general--I like the model so far: the user is asked for > permission in response to actually doing something that uses a feature. In > the notepad app, you're asked for permission to access the internet when > you > select "sync notes to your desktop PC"; it's immediately obvious why it's > asking for it. (That's an Android example, of course, not a web app > example.) > Hopefully the ultimate solution will deal with both, allowing UAs the option > of asking all at once or on-demand, depending on the situation. (Some > permissions inherently have to be asked in advance, like Web Notifications, > which doesn't happen in response to a user action.) > The application could have a settings page with a checkbox "Enable desktop notifications". When you click on that box, the browser shows its (passive, asynchronous) UI for enabling desktop notifications for that application. Asking for specific permissions in the context of a user action is the only model that makes sense to me. When applications ask for a big bundle of permissions in advance, how can I as a user know what to do? I'm sure to get into a habit of either blindly denying the permissions (crippling applications), or granting the permissions (terrible for security). While some Mozilla developers may think "big bundle of permissions" is a good idea, others such as me do not. Rob -- "Now the Bereans were of more noble character than the Thessalonians, for they received the message with great eagerness and examined the Scriptures every day to see if what Paul said was true." [Acts 17:11]
Received on Saturday, 30 April 2011 02:23:38 UTC