denar90
commented
5 years ago Hi, we request permissions because we have features to upload to gdrive and make this trace public automatically.
from https://developers.google.com/drive/api/v3/about-auth
https://www.googleapis.com/auth/drive | Full, permissive scope to access all of a user's files, excluding the Application Data folder. Request this scope only when it is strictly necessary.and part in code
If this feature confuses folks, we probably should rethink approach:
- Invest some effort into smth like: request limited access when user whants to just watch trace, and request additional when user wants to upload to gdrive
- Finish https://github.com/ChromeDevTools/timeline-viewer/pull/59 and https://github.com/ChromeDevTools/timeline-viewer/issues/52
cc @paulirish
I tried to open the following link: https://chromedevtools.github.io/timeline-viewer/?loadTimelineFromURL=drive://1kj9M7frgskdtlWH_eMFDwuT8USgOte9w
Which takes me to a page that isn't obviously trying to load a file - but then I spot the green button for GDrive API access, so I figure that should make things work, and click on it.
However the prompt I get tells me that I need to provide access to rather a lot, when I'm only trying to view what I'm pretty sure is someone else's public file.
This app wants permission to access everything in your Google Drive. It will be able to do the same things that you can do, including:
From the permissions dialog:
I suspect this might be a limitation of the google drive api itself? I know the source code is auditable, so this is probably safe to give away, but I figured I'd record the issue anyway.