On 2014-09-15, 4:40 PM, Jonas Sicking wrote:
On Mon, Sep 15, 2014 at 11:15 AM, Ehsan Akhgari <ehsan.akhg...@gmail.com> wrote:
On 2014-09-14, 3:54 AM, Anne van Kesteren wrote:
On Sat, Sep 13, 2014 at 5:42 PM, Eric Rescorla <e...@rtfm.com> wrote:
I just tested this and it appears that at least for gUM, IFRAMEs do *not*
get persistent permissions even if they would have them if they were
in the top level window. Rather, you always get prompted. You can
test this yourself using:
https://mozilla.github.io/webrtc-landing/gum_test.html
and
https://mozilla.github.io/webrtc-landing/gum_iframe.html (note: contains
mixed content for
test purposes) or the HTTP variant.
That sounds good. However, given that apparently that's not something
the permission manager takes care of, it might be nice to cover it
there, so this becomes easier for all kinds of APIs that require
permission.
We could obviously do what you suggest, but it's not really obvious to me
whether the same behavior makes sense everywhere.
The argument that I'm making, and I think Anne is too, is that we
should have the ability to store policies like this in the
nsIPermissionManager. That way we *can* use it in places where it
makes sense, or we can choose to simply store policies like "allow
youtube.com to use flash independent of parent frames" where that
makes sense.
Yes, of course, I agree that we should do that.
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
