WICG/file-handling

Permission prompt needs to appear somewhere in the system

mgiuca opened this issue · 4 comments

@dbaron: from w3ctag/design-reviews#371 (comment)

Another question is that of permissions. It seems like at some point the browser probably wants to ask the user for permission as to whether they want this particular installed web application to be able to access a particular file on the native file system. At the very least, it seems like a risk if there's no permission prompt anywhere in the system -- and it at least seems like it might be easier to explain that stuff to users at use time rather than at registration time (since it's not clear that it's easy to explain to a user what an application/foo file is). This leads me to two thoughts:

...

it's a little concerning that there doesn't appear to be asynchronous stuff in the explainer that gives a UA that wants to prompt the user for permission an opportunity to do so. Perhaps that's OK because the native file system API is sufficiently asynchronous to give the UA a chance to ask for permission through its API surface -- but it would be good to see examples in the explainer that show at what points a UA might choose to ask the user for permission.

Filing a separate bug to consider this. Probably just needs a non-normative recommendation to implementors in a security/privacy considerations section.

At the moment, before we allow a web app to open a directory, we show this prompt:
[Screenshot: Screenshot_20191203_105323]

We could do something similar with file handling (presumably before pushing something to the launch queue).

alice commented

Back-linking this to TAG review w3ctag/design-reviews#371

We've ended up incorporating this into our security model, and discussing a bit more in an internal permissions doc.

The explainer should probably still discuss a permission though...

Marking this as closed per the commit "mention permissions api integration"