On Fri, Sep 12, 2014 at 8:44 PM, Ehsan Akhgari <ehsan.akhg...@gmail.com> wrote: > The permission manager itself is unaware of browsing contexts, it is the > consumer which decides how to query it.
But shouldn't it be aware of this so you can adequately scope the permission? E.g. I could grant https://amazingmaps.example/ when embedded through https://okaystore.invalid/ permission to use my location. But it would not be given out if it were embedded through https://evil.invalid/ later on. Or e.g. I could allow YouTube embedded through reddit to go fullscreen, but not necessarily YouTube itself or when embedded elsewhere. -- http://annevankesteren.nl/ _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
