- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 05 Jul 2011 17:12:08 -0400
On 7/5/11 5:04 PM, Michael Davidson wrote: > If the asking for permission can happen in a context in which the > user can't tell what's being asked for, it's a really bad idea... > > Can you clarify what you mean? Requiring an in-page click doesn't mean > that the user understands either. Malicious pages can just lie in the > text. Seems like it's up to UAs to make sure users understand, and > requiring an in-page click won't help that. Yes, I'm not saying in-page click is a solution. It works for popups, sort of, but I don't think it does for permission request notifications. > This is the one reason that permission requests don't have that > higher bar yet, yes. > > Sadly, they do for desktop notifications. Fortunately, they do not for > rPH. :) To be clear, I meant a higher bar than popup windows. -Boris
Received on Tuesday, 5 July 2011 14:12:08 UTC