On Fri, Sep 12, 2014 at 8:44 PM, Ehsan Akhgari <[email protected]> wrote: > The permission manager itself is unaware of browsing contexts, it is the > consumer which decides how to query it.
But shouldn't it be aware of this so you can adequately scope the permission? E.g. I could grant https://amazingmaps.example/ when embedded through https://okaystore.invalid/ permission to use my location. But it would not be given out if it were embedded through https://evil.invalid/ later on. Or e.g. I could allow YouTube embedded through reddit to go fullscreen, but not necessarily YouTube itself or when embedded elsewhere. -- http://annevankesteren.nl/ _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
