On 2014-09-11, at 00:56, Anne van Kesteren <ann...@annevk.nl> wrote: > Are we actually partitioning permissions per top-level browsing > context or could they already accomplish this through an <iframe>?
As far as I understand it, permissions are based on domain name only, they don’t include scheme or port from the origin. So it’s probably less granular than that. In the Google case, I doubt that there is anything meaningful we can do to scope permissions in a way that would both prevent Google from sharing a persistent grant. Not without breaking a great number of sites. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform