Both http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#exceptions-javascript-api and http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#exceptions-ww-javascript-api are inadequate. They need to allow for an asynchronous permission check. In other words, return a promise.
Also, within platform APIs we call "URI" URL. You have not defined cookie-like domain string. To back up a bit, has this API been discussed with people familiar with other permission APIs? We generally avoid things like "explanationString" or "siteName" as they are open to abuse. Also, putting "String" in the member name seems redundant. This API does not seem ready at all. Are there any implementations of it? -- http://annevankesteren.nl/
