[Webkit-unassigned] [Bug 221399] DeviceMotionEvent.requestPermission is not a function in iframe-hosted cross-origin pages, even with feature policy and allow attributes set
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Feb 11 09:40:34 PST 2021
https://bugs.webkit.org/show_bug.cgi?id=221399
--- Comment #4 from Will Morgan <will.morgan at iproov.com> ---
(In reply to Chris Dumez from comment #3)
> WebKit does not allow the use of the device motion API at all in third-party
> iframes so exposing the permission API there did not make sense.
If that is the position that has been taken, why does DeviceMotionEvent.requestPermission exist but simply do nothing?
Would you agree that this undefined behaviour would be better replaced by throwing an error, or simply not exposing the DeviceMotionEvent or requestPermission APIs?
What about consenting app developers who have made the informed choice and want to make use of the Feature Policy functionality to whitelist device motion events, in the same way that cameras can be allowed?
To allow cameras but not device motion, to me, is an unusual weighting of priorities.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210211/4051ea1d/attachment.htm>
More information about the webkit-unassigned
mailing list