FWIW I am for the original set of HTTPS only restrictions proposed by Anne.
I think doing so sends a strong security-minded message, even if some think "too strong".

Pop-ups:

I realize including pop-ups in this is a minority opinion (judging by this thread), however, I have not seen a single concrete example by those defending pop-ups of an HTTP-only site that depends on pop-ups for functionality for which this change would inconvenience the user. I am for including pop-ups in this set, at least up to Aurora to test the hypothesis that others have offered that this would "annoy users", because frankly, I don't believe it in practice.

Notifications:

For notifications, Anne's argument is correct. They're not widely adopted yet, so now is a good time to place this restriction on them, when there is very little site-breakage risk. If there is real-world author/developer demand for INSECURE access to web notifications, we can re-evaluate accordingly.

Blog post:

In addition, as part of landing these restrictions, I think a blog post by Anne (e.g. perhaps on hacks.mo) on these changes would show and demonstrate Mozilla's user-security focus and technical leadership. Such a blog post could also explicitly note that we do see a spectrum of differences between things as invasive/creepy as camera access vs. "just annoying" pop-ups & notifications, and that based on user and developer feedback we may adjust our implementation accordingly.

Better to secure more things, and then only back off if/when necessary.

Thanks,

Tantek

On Mon, Mar 9, 2015 at 2:07 AM, Anne van Kesteren <ann...@annevk.nl> wrote:
> Thanks everyone for weighing in. It sounds like we don't want to touch
> popups :-) And yes, negative persistence (never allow) should remain
> available.
>
> The Notifications API is a bit in flux and the most interesting
> notifications require service workers so are already restricted. I
> guess I'm okay with leaving them alone for now.
>
> On Fri, Mar 6, 2015 at 7:04 PM, Gijs Kruitbosch
> <gijskruitbo...@gmail.com> wrote:
>> Can we make an exception for localhost and its IPv4 and IPv6 equivalents to
>> make things easier for web devs? Bonus points if we make a mechanism that
>> detects /etc/host overrides (to localhost) and allow it there, too.
>
> I think the exceptions of the "powerful features" document are
> "localhost", equivalent hostnames (I can't think of any), and file
> URLs. Developer tools should provide overrides. We need overrides for
> service workers too.
>
>
> --
> https://annevankesteren.nl/
> _______________________________________________
> dev-platform mailing list
> dev-platform@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform
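
The exceptions discussed in the quoted reply (HTTPS, "localhost", file URLs, plus a developer override), sketched as an added example that is not part of this thread and is not Mozilla's code. Treating loopback IP literals as equivalents of localhost, the function names, and the boolean `devOverride` parameter are all assumptions made for illustration.

```javascript
'use strict';
// Added example (hypothetical names): may a page at `pageUrl` use a feature
// that is restricted to HTTPS, given the developer exceptions from the thread?

// True only for the literal name "localhost" or a loopback IP literal.
// Assumption: 127.0.0.0/8 and ::1 count as "equivalents" of localhost.
// Names mapped to loopback through a hosts file cannot be seen from the URL.
function isLoopbackHost(hostname) {
  if (hostname === 'localhost') return true;
  if (hostname === '[::1]') return true; // URL parser normalises IPv6 spellings
  return /^127(\.\d{1,3}){3}$/.test(hostname); // parser normalises IPv4 forms
}

function mayUseRestrictedFeature(pageUrl, devOverride = false) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return false; // unparseable input never gets access
  }
  if (url.protocol === 'https:') return true;
  if (url.protocol === 'file:') return true;
  if (url.protocol === 'http:') {
    // Compare the parsed hostname, never a substring of the raw URL:
    // "localhost.example.com" and "127.0.0.1.example.com" are remote hosts.
    return isLoopbackHost(url.hostname) || devOverride;
  }
  return false;
}

// Constructed sample URLs, not taken from the thread.
const samples = [
  'https://example.com/',
  'http://example.com/',
  'http://localhost:8000/app',
  'http://[0:0:0:0:0:0:0:1]:3000/',
  'http://127.1/',
  'http://localhost.example.com/',
  'http://127.0.0.1.example.com/',
  'file:///home/dev/test.html',
];
for (const s of samples) {
  console.log(String(mayUseRestrictedFeature(s)).padEnd(5), s);
}
```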