Re: Restricting the Notifications API to secure contexts
More than fine, this is an overdue change :) Notifications being available on http:// origins is a source of a small amount of pain for web push, because the two share the same permission. On Tue, Aug 8, 2017 at 2:24 AM, Eric Rescorla wrote: > This seems fine. > > -Ekr > > > On Mon, Aug 7, 2017 at 6:45 AM, Anne van Kesteren wrote: > >> Chrome wants to restrict the Notifications API >> https://notifications.spec.whatwg.org/ to secure contexts: >> >> https://github.com/whatwg/notifications/issues/93 >> https://github.com/w3c/web-platform-tests/pull/6596 >> >> Given that the API involves prompting the user as well as a permission >> that remains stored across different networks it seems like a good >> idea to restrict this API to HTTPS. >> >> I was wondering if anyone has concerns with restricting the API as >> such. If there are no concerns within a week I'll let Chrome go ahead >> with the change to the standard and tests and file the necessary >> implementation bugs against the remaining browsers, including Firefox. >> >> >> -- >> https://annevankesteren.nl/ >> ___ >> dev-platform mailing list >> dev-platform@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-platform >> > ___ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: Restricting the Notifications API to secure contexts
This seems fine. -Ekr On Mon, Aug 7, 2017 at 6:45 AM, Anne van Kesteren wrote: > Chrome wants to restrict the Notifications API > https://notifications.spec.whatwg.org/ to secure contexts: > > https://github.com/whatwg/notifications/issues/93 > https://github.com/w3c/web-platform-tests/pull/6596 > > Given that the API involves prompting the user as well as a permission > that remains stored across different networks it seems like a good > idea to restrict this API to HTTPS. > > I was wondering if anyone has concerns with restricting the API as > such. If there are no concerns within a week I'll let Chrome go ahead > with the change to the standard and tests and file the necessary > implementation bugs against the remaining browsers, including Firefox. > > > -- > https://annevankesteren.nl/ > ___ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: Restricting the Notifications API to secure contexts
On 07.08.2017 15:45, Anne van Kesteren wrote: Chrome wants to restrict the Notifications API https://notifications.spec.whatwg.org/ to secure contexts: wait a second ... it was wide open all the time ? --mtx ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Restricting the Notifications API to secure contexts
Chrome wants to restrict the Notifications API https://notifications.spec.whatwg.org/ to secure contexts: https://github.com/whatwg/notifications/issues/93 https://github.com/w3c/web-platform-tests/pull/6596 Given that the API involves prompting the user as well as a permission that remains stored across different networks it seems like a good idea to restrict this API to HTTPS. I was wondering if anyone has concerns with restricting the API as such. If there are no concerns within a week I'll let Chrome go ahead with the change to the standard and tests and file the necessary implementation bugs against the remaining browsers, including Firefox. -- https://annevankesteren.nl/ ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform