w3c / geolocation

W3C Geolocation API
https://www.w3.org/TR/geolocation/

Specify behavior for operating system permissions #107

Closed reillyeon closed 2 years ago

reillyeon commented 2 years ago

Implementations of the Geolocation API on some operating systems need to themselves request permission to access device location. The specification does not currently say what happens if the user grants a site permission to use the "geolocation" feature in check permission but the operating system denies access to the device location in acquire position.

In Chromium we recently implemented a change in issue 1200933 which synchronizes the per-site and system-wide permission state as exposed through the Permissions API. In issue 1246955 a developer noted that this new behavior is not consistent with Firefox. Note, Safari does not implement the navigator.permissions.query() method; however, it is still possible to observe the difference because (at least in my testing) the GeolocationPositionError.message field is initialized differently when Safari itself does not have permission to use location.

The current behavior in Firefox and Safari does not seem intentional; however, it is clearly useful to at least one developer. The Chromium project is open to either its current or previous behavior as long as this specification is clear on which is expected.

marcoscaceres commented 2 years ago

@reillyeon, I sent https://github.com/w3c/geolocation-api/pull/109 to address this... let me know if I've understood the implications correctly.

It seems that if the browser and the OS are getting out of sync, that may be a browser bug (unless OSs are not able to notify of the os-level permission state change to the dependent application). In any case, hopefully #109 addresses it.

reillyeon commented 2 years ago

Your PR clarifies the behavior of getCurrentPosition() and watchPosition(). That's a good thing to do but doesn't clarify the behavior of navigator.permissions.query() which was the heart of my question. I think to tie together the per-site and system-wide permission state we'd need to provide a permission query algorithm which checks the system-wide geolocation permission state. This is essentially what the recent change to Chromium does.

marcoscaceres commented 2 years ago

@reillyeon wrote:

> doesn't clarify the behavior of navigator.permissions.query() which was the heart of my question.

Ah, got it... I might need to clarify "new information about the user's intent", which technically covers this (it just doesn't say "OS"):

..."To ascertain new information about the user's intent, a user agent MAY collect information about a user's intentions. This information can come from explicit user action, aggregate behavior of both the relevant user and other users, or implicit signals this specification hasn't anticipated."...

> I think to tie together the per-site and system-wide permission state we'd need to provide a permission query algorithm which checks the system-wide geolocation permission state. This is essentially what the recent change to Chromium does.

That makes sense. The intention of the "new information about the user's intent" was to cover this case also.

marcoscaceres commented 2 years ago

I think I should move or duplicate this issue over on the Permissions spec... wdyt, @reillyeon? 🤔

reillyeon commented 2 years ago

It's probably a joint issue to resolve between the two specifications. We'll need something here in the Geolocation spec to talk about which system permission the "geolocation" feature corresponds to but a note in the Permissions spec about how per-site and system-level permissions should stack would be helpful across this and other permissions which face similar issues.

marcoscaceres commented 2 years ago

Filed https://github.com/w3c/permissions/issues/332
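
The mismatch discussed in this thread, seen from a site's side, as an added example that is not part of the thread or of any browser's code: it compares the state reported by navigator.permissions.query() with the outcome of getCurrentPosition() and flags the case where the per-site permission reads "granted" but acquisition fails with PERMISSION_DENIED. The function names, the verdict strings and the stub navigator are assumptions made for this example.

```javascript
// Added example, not from the thread. `nav` is a navigator-like object passed
// in so the logic can run under Node with the constructed stub below.
const PERMISSION_DENIED = 1; // value of GeolocationPositionError.PERMISSION_DENIED

// Combine the Permissions API state with the outcome of an acquisition attempt.
function classify(queried, acquired) {
  if (acquired.ok) return "available";
  if (acquired.code !== PERMISSION_DENIED) return "unavailable"; // timeout, no fix
  if (queried === "granted") return "granted-but-blocked"; // the two APIs disagree
  if (queried === null) return "denied-source-unknown"; // query() not implemented
  return "denied"; // query() reported "denied" or "prompt"; consistent
}

async function probeGeolocation(nav, timeoutMs = 10000) {
  let queried = null;
  if (nav.permissions && typeof nav.permissions.query === "function") {
    try {
      queried = (await nav.permissions.query({ name: "geolocation" })).state;
    } catch (_) {
      queried = null; // treat a rejected query like a missing one
    }
  }
  const acquired = await new Promise((resolve) => {
    nav.geolocation.getCurrentPosition(
      (pos) => resolve({ ok: true, coords: pos.coords }),
      (err) => resolve({ ok: false, code: err.code, message: err.message }),
      { timeout: timeoutMs }
    );
  });
  return { queried, acquired, verdict: classify(queried, acquired) };
}

// Constructed stub: `state` is what query() reports (undefined = no query()),
// `errorCode` is what acquisition fails with (0 = success).
function makeStubNavigator(state, errorCode) {
  const nav = {
    geolocation: {
      getCurrentPosition(onOk, onErr) {
        if (errorCode === 0) onOk({ coords: { latitude: 0, longitude: 0 } });
        else onErr({ code: errorCode, message: "constructed error" });
      },
    },
  };
  if (state !== undefined) nav.permissions = { query: async () => ({ state }) };
  return nav;
}
```

In a browser the call would be `probeGeolocation(navigator)`; a "granted-but-blocked" verdict only says the two APIs disagree, not which layer refused access.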