[whatwg] Proposal for a web application descriptor
Glenn Maynard
glenn at zewt.org
Fri Apr 29 16:41:18 PDT 2011
On Fri, Apr 29, 2011 at 6:40 PM, Simon Heckmann <simon at simonheckmann.de>wrote:
> > Some challenges include:
> >
> > * how to justify the request to the user being asked to grant the
> privileges
> > starting with a text string and a link to more information
>
> Well, this is what I thought of: The users visit a website they have never
> visited before. A notifications pops up allowing them to set all permissions
> required for this page. The users might not trust the site yet so they do
> not grant all permissions immediately.
There's a more common issue: when you ask me for a bunch of permissions at
once, I don't know why you want them. This happens constantly with Android
apps: you install a simple notepad or clock app, and it'll ask for Internet
access and the ability to make phone calls, and you don't know why.
This is why--in general--I like the model so far: the user is asked for
permission in response to actually doing something that uses a feature. In
the notepad app, you're asked for permission to access the internet when you
select "sync notes to your desktop PC"; it's immediately obvious why it's
asking for it. (That's an Android example, of course, not a web app
example.)
Hopefully the ultimate solution will deal with both, allowing UAs the option
of asking all at once or on-demand, depending on the situation. (Some
permissions inherently have to be asked in advance, like Web Notifications,
which doesn't happen in response to a user action.)
--
Glenn Maynard
More information about the whatwg
mailing list