A large number of permissions we currently allow users to store
persistently for a given origin. I suggest we stop offering that
functionality when there's no lock in the address bar. This will make
it harder for a network attacker to abuse these permissions. This
would affect UX for:

* Geolocation
* Notification
* Fullscreen
* Pointer Lock
* Popups

If you are interested in demos of how these function today:

* http://dontcallmedom.github.io/web-permissions-req/tests/geo-get.html
* http://dontcallmedom.github.io/web-permissions-req/tests/notification.html
* http://dontcallmedom.github.io/web-permissions-req/tests/fullscreen.html
* http://dontcallmedom.github.io/web-permissions-req/tests/pointerlock.html
* http://dontcallmedom.github.io/web-permissions-req/tests/popup.html

Note that we have already implemented this for getUserMedia(). You can
contrast the UX for these two links:

* http://dontcallmedom.github.io/web-permissions-req/tests/gum-audiovideo.html
* https://dontcallmedom.github.io/web-permissions-req/tests/gum-audiovideo.html

This seems like a change we can make today that would be better for
our users and nudge those that require persistence to do the right
thing, without causing much harm.


-- 
https://annevankesteren.nl/
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
