On 10/25/2016 6:26 AM, Ehsan Akhgari wrote:
> FWIW, and to the extent that my opinion matters on the topic, I strongly
> disagree that breaking the websites that people use silently is the
> right thing to do.
>
> Let's ignore the HTTPS Everywhere part of the thread, and instead pay
> more attention to what our users will see after we roll this out. It's
> easy to ignore this when looking at the ratio of granted non-secure
> geolocation prompts per all page loads, but we _are_ talking about
> breaking a fifth of geolocations on the web for our users.

I strongly agree with Ehsan that breaking a fifth of geolocation
requests is a bad user experience.

What is the threat model for geolocation over HTTP? That a coffee shop,
ISP, or Big Brother will MITM a non-secure site so as to sniff a user's
location? To reduce location leaks without breaking non-secure
geolocation, perhaps we could always require door hanger permission for
geolocation requests on HTTP sites?

chris
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform