Sorry I should have used the same nomenclature that was used earlier. Polling as in the app repeated asks for geolocation because it "failed". Having different failures for denied vs can't lock onto GPS would solve this, but I don't know how much it matters for an app.
David ----- Original Message ----- > From: "Justin Lebar" <justin.le...@gmail.com> > To: "David Chan" <dc...@mozilla.com> > Cc: "Jim Straus" <jstr...@mozilla.com>, dev-weba...@lists.mozilla.org, > phillip...@gmail.com, "Mozilla B2G mailing > list" <dev-...@lists.mozilla.org>, dev-security@lists.mozilla.org, "mozilla > dev webapps" > <mozilla.dev.weba...@googlegroups.com>, "Jonas Sicking" <jo...@sicking.cc> > Sent: Thursday, March 15, 2012 2:31:02 PM > Subject: Re: [b2g] OpenWebApps/B2G Security model > > > There is still an open question on how a permissions manager should > > respond in the event of a DENIED permission. One suggestion is to > > not > > error out but return some default/safe value e.g. no contacts if an > > app is not granted Contacts information. A concern of this proposal > > is that an app may continue to poll for a permission until it is > > granted or an app may pop up a dialog to have the user grant the > > permission. > > I don't understand this. Can you give a concrete example of what the > problem is here, for example with the current geolocation API? > > All of our APIs are async, so there's no polling involved, as far as > I > understand. > > > ----- Original Message ----- > >> From: "Jim Straus" <jstr...@mozilla.com> > >> To: "Jonas Sicking" <jo...@sicking.cc> > >> Cc: dev-weba...@lists.mozilla.org, dev-security@lists.mozilla.org, > >> phillip...@gmail.com, "mozilla dev webapps" > >> <mozilla.dev.weba...@googlegroups.com>, "Mozilla B2G mailing list" > >> <dev-...@lists.mozilla.org> > >> Sent: Tuesday, March 13, 2012 1:09:06 PM > >> Subject: Re: [b2g] OpenWebApps/B2G Security model > >> > >> Hello all - > >> I've been sketching out an implementation of permissions. I've > >> laid out some code framework, but wanted to through tis out for > >> validation. Assumptions: that B2G/Firefox will have separate > >> processes for each app/tab. This is already declared to be true > >> (but not implemented) for B2G. This proposal doesn't required > >> ipc > >> , but I believe we need to support it. Also note that this > >> should > >> be able to replace the existing Permission and PermissionManager > >> in gecko. > > _______________________________________________ > > dev-b2g mailing list > > dev-...@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-b2g > _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
