On Thu, 21 May 2009, John Gregg wrote: > > On the security question, a substantial amount of thought has gone into > how to prevent unwanted popups (and in general how to control access to > HTML5 application features). We think user opt-in on an origin-basis is > the best policy and it's what we plan to do in Chromium; the WebKit > interfaces are structured so that the policy is up to the user agent via > a NotificationProvider interface.
Could you elaborate on what you mean by "user opt-in"? A prompt or "installation" step seems like a poor user experience given that any site could start asking for this, and we don't want users to click "yes" to make the message go away (consider a porn site that just does "while notifications are not allowed, try to notify"). -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.' _______________________________________________ webkit-dev mailing list [email protected] http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
