Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Jan-Ivar Bruaroey
I support putting .revoke() behind a pref (I would like to go further and remove it since I find it problematic, but a pref is a start). On 8/17/16 3:34 AM, Anne van Kesteren wrote: On Wed, Aug 17, 2016 at 9:13 AM, Marcos Caceres wrote: We should maybe also pref .query() too... wdyt? The ma

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Marcos Caceres
On August 17, 2016 at 5:02:07 PM, Anne van Kesteren (ann...@annevk.nl) wrote: > On Wed, Aug 17, 2016 at 6:48 AM, wrote: > > There is consensus that .query() is beneficial, so that one can remain. > > Is there really? Well, the use case at least: that a developer should not need to actually invoke

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Martin Thomson
On Wed, Aug 17, 2016 at 5:34 PM, Anne van Kesteren wrote: > Interesting, I guess I didn't realize that covered more than just > query(). If we ship a subset of an API it probably would help to be > clear, indeed. Well, it only mentioned .query() explicitly, but then said "other parts will be impl

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Anne van Kesteren
On Wed, Aug 17, 2016 at 9:13 AM, Marcos Caceres wrote: > Well, it covers the 80% case (specially on mobile, where tabs are not > at useful). But yeah... the model is not there :( That is a good point. When isolated to a browsing context it's still very useful information for website UX. > We s

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Martin Thomson
On Wed, Aug 17, 2016 at 5:02 PM, Anne van Kesteren wrote: > The main problem with query as I see it is that since we haven't > agreed on what permissions are keyed on, an application cannot really > do anything with the answer it gets from query. E.g., communicating > the answer with other open ta

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-17 Thread Anne van Kesteren
On Wed, Aug 17, 2016 at 6:48 AM, wrote: > There is consensus that .query() is beneficial, so that one can remain. Is there really? The main problem with query as I see it is that since we haven't agreed on what permissions are keyed on, an application cannot really do anything with the answer i

Re: Intent to put Permission API's .revoke() method behind a pref

2016-08-16 Thread Martin Thomson
Sounds like a good plan. (For those who might be wondering: .request() was never exposed.) On Wed, Aug 17, 2016 at 2:48 PM, wrote: > Summary: It seems we prematurely shipped the .revoke() method on the > Permissions API before it was stable or deciding if we even wanted it in the > platform.

Intent to put Permission API's .revoke() method behind a pref

2016-08-16 Thread marcos
Summary: It seems we prematurely shipped the .revoke() method on the Permissions API before it was stable or deciding if we even wanted it in the platform. For those that don't know it: navigator.permission.revoke() allows a site to self-revoke a permission after a user has granted that permis