WICG / background-sync

A design and spec for ServiceWorker-based background synchronization
https://wicg.github.io/background-sync/spec/
Apache License 2.0
639 stars 83 forks

Require a minimum value for "minimum periodic sync interval across origins"? #174

Open mugdhalakhani opened 4 years ago

mugdhalakhani commented 4 years ago

A disparity between the intervals at which the web app can synchronize with its servers and those at which the user visits the site gives the origin more power than the user is aware of or intends by letting it execute code more often than the user intends.

One of the many mitigations suggested in the spec to prevent this is to cap the minimum interval at which periodicsync events are fired to "minimum periodic sync interval across origins". The spec currently suggests (in a non-normative way) that this value be set to 432000 or greater.

Should there be a normative requirement to set this to a minimum value, and what should that value be?

Pros: It'll ensure each implementation of this capability mitigates security concerns fully, even if they don't implement UI to inform the user of periodic background synchronization.

Cons: The spec suggests another mitigation, which is to provide UI so the user is made aware of periodic background syncs by an origin, and allow them to opt out. Implementing both mitigations is not necessary; therefore it'd be non-ideal if the spec requires one approach over another.