On 2012-04-13 6:37 PM, Adrienne Porter Felt wrote:
I do agree that the proposal is mostly the same: I think that the permission should be granted at run-time, and there should be a notification. However, the way that the actual permission prompt is shown to the user is very important, and a runtime dialog is not equivalent to a magic permission button. Traditional permission dialogs do not work (there are many, many studies that show this). The traditional permission dialog gets in the way, so people want to click through it as fast as possible in most cases, which leads them to click through as fast as possible out of habit every time. A special "capture" button isn't an extra step -- it's the same step that people take in most camera apps.
I couldn't agree more... we have an opportunity to get wholly away from the "whatever"-button dialogs with B2G, let's not miss it.
I'm trying to brainstorm a new way to fit trusted UI into the user's normal flow that would enable preview modification, without throwing up a standard dialog. If anyone buys my case that we need such a thing, suggestions for how to get around the preview problem would be awesome. :)
The API could let the app apply arbitrary WebGL operations to the feed from the camera, but not allow the result to go anywhere but the screen until the user hits the button.
zw _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
