Closed tomayac closed 3 years ago
reillyeon
commented
4 years ago Aren't kiosk setups a special case? In this kind of scenario I would imagine that the system responsible for maintaining the kiosk session (for example, ensuring that the user cannot navigate away from approved sites) would also be responsible for resetting the session after a timeout.
tomayac
commented
4 years ago Aren't kiosk setups a special case? In this kind of scenario I would imagine that the system responsible for maintaining the kiosk session (for example, ensuring that the user cannot navigate away from approved sites) would also be responsible for resetting the session after a timeout.
It may well be that this is the ideal state, but not necessarily what I have seen people responsible for museum kiosk setups do. I’m not saying that these folks would necessarily use this API, I’m just saying that use cases that don’t require notification permission are completely out of this world.
tomayac
commented
4 years ago Another use case is security timeout logouts: typically banks and such will log you out automatically after a certain time period has passed. This API could be used to only log the user out if they are inactive. Banks would probably still prefer the time-based logout, but there may be less security-sensitive examples.
(Credits)
reillyeon
commented
4 years ago In the pull request above I've added some screenshots of what an "idle-detection" permission could look like. The issue I see is that it will be difficult for a banking site to explain the user value for this permission in a way that would enable this use case.
mikemccaughan
commented
4 years ago Late to the party here, but I would say a banking/financial services site (and I've worked for a few) would have an easier time explaining why they need "idle-detection" permission from the user (to ensure the user is logged out appropriately for security reasons), than why they need "notifications" permission from the user ... (to ensure the user is logged out appropriately? what does that have to do with notifications?)
mgrahamx
commented
4 years ago I concur with the OP. My use case (showing whether a player in a web game is idle) does NOT require notifications permissions anywhere else and there's no way I can show a spammy prompt my users will instantly decline just for this.
I'd love to use this API, but unfortunately the requirement to spam users with prompts they absolutely despise is a deal-breaker.
reillyeon
commented
3 years ago In #29 (just merged) the specification now defines a separate "idle-detection" permission.
tomayac
commented
3 years ago In #29 (just merged) the specification now defines a separate
"idle-detection"permission.
https://web.dev/idle-detection/#using-the-idle-detection-api is up-to-date I think.
reillyeon
commented
3 years ago Looks good to me. It might be worth adding a note that calling IdleDetector.requestPermission() requires user activation.
tomayac
commented
3 years ago
One use case of this API could be kiosk setups. Imagine a museum where there are info terminals for visitors. One part of the experience could be a drawing web app for kids. Another part of the experience could be regular info web pages about the exhibition for interested visitors.
Someone might draw inappropriate things in the drawing web app as a "prank" and then multitask to an info web page. The next kid that arrives might find the drawing app in that unfortunate state.
In such cases, it might be desirable for the museum to reset the drawing app after a certain amount of idleness is detected.
This use case happens to be the example I chose for the web.dev article on the API.