On Fri, Sep 5, 2014 at 10:34 PM, Henri Sivonen <hsivo...@hsivonen.fi> wrote:
> On Fri, Sep 5, 2014 at 1:25 PM, Robert O'Callahan <rob...@ocallahan.org> > wrote: > > On Fri, Sep 5, 2014 at 10:19 PM, Henri Sivonen <hsivo...@hsivonen.fi> > wrote: > >> Is current gUM restricted to authenticated origins? If it isn't, is it > >> realistic to restrict it to authenticated origins? > > > > That's a good idea but it's a separate issue. > > Is it already being pursued or should I file a bug? > I don't know. How about other site-specific sticky state? about:permissions suggests the full list is * Passwords * Geolocation * gUM * Cookies * Popup windows * Offline storage * Fullscreen Cookies are segregated by http vs https, right? I hope other kinds of offline storage, and passwords, are as well. Popup windows are just a nuisance so not important here. That leaves gUM, geolocation and fullscreen. Can we make them all require TLS? Rob -- oIo otoeololo oyooouo otohoaoto oaonoyooonoeo owohooo oioso oaonogoroyo owoiotoho oao oboroootohoeoro oooro osoiosotoeoro owoiololo oboeo osouobojoeocoto otooo ojouodogomoeonoto.o oAogoaoiono,o oaonoyooonoeo owohooo osoaoyoso otooo oao oboroootohoeoro oooro osoiosotoeoro,o o‘oRoaocoao,o’o oioso oaonosowoeoroaoboloeo otooo otohoeo ocooouoroto.o oAonodo oaonoyooonoeo owohooo osoaoyoso,o o‘oYooouo ofooooolo!o’o owoiololo oboeo oiono odoaonogoeoro ooofo otohoeo ofoioroeo ooofo ohoeololo. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform