- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Wed, 07 Sep 2011 04:20:13 +0200
- To: Robin Berjon <robin@berjon.com>
- Cc: www-dom@w3.org, public-device-apis@w3.org
* Robin Berjon wrote: >in working on the Contacts API[0], DAP has described a security model in >which opening up a contacts picker (which is similar in idea to a file >picker, but — you guessed if — for contacts rather than files) can be >triggered only by code that traces back to a genuine user action. The >idea is that this would be similar to the way in which window.open() or ><input type=file>.click() are handled so as to prevent abuse but not >require an ugly control. And what is the problem you are trying to solve, exactly? Do you think there will be disputes where someone presents a plausible scenario and some people will say "this was a genuine user action meant to bring up the picker" and many others will plausibly claim it wasn't? UI design does not seem to allow for this kind of dispute. If you tell the code monkeys how to implement this exactly, you would quite inevitably do cause such a dispute, in a worse form, because behavior that does not correspond to user expectations would be backed by a specifcation, and people would talk about that instead of using common sense. You don't need a centralised definition for this either, if you feel the above sufficiently conveys the your ideas, on the contrary, if the idea is "make this like this file upload thing", everybody will under- stand that much better than when you start referencing "dblclick". And if that is not what you mean, then you failed to convey your ideas to my humble self, in which case "dblclick" doesn't do you any good either. User intent is between the user and the user interface, you can't get below that from a lower level specification that relies on the UI, it would be a layering violation. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Wednesday, 7 September 2011 02:20:35 UTC