Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

One time permissions: exposing and specifying grant type #418

Open
fjacky opened this issue Aug 14, 2023 · 1 comment
Open

One time permissions: exposing and specifying grant type #418

fjacky opened this issue Aug 14, 2023 · 1 comment

Comments

@fjacky
Copy link

fjacky commented Aug 14, 2023

We've received feedback on the two following items, and wanted to share our view as well as request others' view on them.

Should we expose whether the user decided to grant ephemerally or persistently?

We are worried about potential dark patterns that exposing this information would enable. For example, a website may decide to not accept an ephemeral grant at all. This would negatively impact the privacy benefits that one-time permissions provide. While there may be use cases where a site can use this information to improve the user experience, we believe that the risks outweigh the benefits.

Should navigator.permissions.request() allow specification of grant type?

Supporting the ability to request one-time grants only (i.e. showing no permanent grant option on the prompt), is privacy-positive, and something that we would be open to support. In case of API changes here, we believe only grant type restrictions towards more privacy preserving should be explored.
@miketaylr
Copy link
Member

Both points of feedback seem reasonable to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@miketaylr @fjacky