[Webkit-unassigned] [Bug 50566] Delay starting geolocation request until permission has been granted or denied
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Dec 8 07:40:09 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=50566
--- Comment #8 from John Knottenbelt <jknotten at chromium.org> 2010-12-08 07:40:09 PST ---
Thanks for considering it. This sounds reasonable to me. Let's close this one down.
(In reply to comment #7)
> The motivation for the 'should' for obtaining user permission before doing any work was that the location acquisition process may reveal sensitive information even if a position is not revealed to JavaScript. If permissions are not obtained preemtively ...
> - If an API call results in a request for permission the app could deduce that a position was obtained and hence that a device is likely to be on WiFi - See https://bugs.webkit.org/show_bug.cgi?id=39434#c14
> - Location acquisition using a server (eg WiFi ID look-up) could involve sending sensitive information over the network to a third party.
>
> Having discussed with Andrei, the case of looking up a cached position wasn't really considered when the 'should' was written. The above concerns don't really apply to the case of looking up a cached position. In any case, we're still compliant with the spec as this is only a 'should'.
>
> So unless the code clean-up you mention is important for other reasons, I'd suggest closing this bug as 'working as intended'.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list