From 95b296769f4f23a61e397255442cbb23e1e4e3af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 11 Nov 2021 20:55:41 +1100 Subject: [PATCH 1/9] Suggest permission lifetimes --- index.html | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/index.html b/index.html index 6ef8661..6e5ef7e 100644 --- a/index.html +++ b/index.html @@ -816,6 +816,16 @@

The Geolocation API is a [=default powerful feature=].

+

+ It is RECOMMENDED that a user agent prioritize restricting the + [=permission=] [=permission/lifetime=] to a single session: This can + be, for example, until the [=environment settings object/realm=] is + destroyed, the end-user [=navigates=] away from the [=origin=], or + the relevant browser tab is closed. The user agent MAY also suggest + time-based [=permission=] [=permission/lifetimes=], such as "24 + hours", "1 week", even opt to remember the permission + [permission/grant=] indefinitely. +

When instructed to check permission, given a {{PositionErrorCallback}}`?` |errorCallback:PositionErrorCallback|: From 7eb94a5603aef6c6d44ac6f0796ce040a6603e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Fri, 12 Nov 2021 10:56:49 +1100 Subject: [PATCH 2/9] Update index.html Co-authored-by: Reilly Grant --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 6e5ef7e..9dc591a 100644 --- a/index.html +++ b/index.html @@ -823,7 +823,7 @@

destroyed, the end-user [=navigates=] away from the [=origin=], or the relevant browser tab is closed. The user agent MAY also suggest time-based [=permission=] [=permission/lifetimes=], such as "24 - hours", "1 week", even opt to remember the permission + hours", "1 week", or choose to remember the permission [permission/grant=] indefinitely.

From 1a9fa57068d74efba482fa26ab691e0ba93679d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Mon, 15 Nov 2021 17:22:13 +1100 Subject: [PATCH 3/9] Add 'user consent' section --- index.html | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index 9dc591a..25f61ac 100644 --- a/index.html +++ b/index.html @@ -394,6 +394,37 @@

information also discloses the location of the user of the device, thereby potentially compromising the user's privacy.

+
+

+ User consent +

+

+ The Geolocation API is a [=powerful feature=] that + requires [=express permission=] from an end-user's before any + location data is shared with a web application. This requirement is + normatively enforced by the [=check permission=] steps on which the + {{Geolocation/getCurrentPosition()}} and + {{Geolocation/watchPosition()}} methods rely. +

+

+ A end-user will generally gives [=express permission=] through a user + interface, which usually present a range of permission + [=permission/lifetimes=] that the end-user can choose from. The + choice of [=permission/lifetimes=] vary across user agent, but they + are typically time-based (e.g., "a day"), or until browser is closed, + or the user might even be given the choice for the permission to be + remembered indefinitely. The permission [=permission/lifetimes=] + dictate how long a user agent [=permission/grants=] a permission + before that permission is automatically reverted back to its default + [=permission state=], prompting the end-user to make a new choice. +

+

+ Although the granularity of the permission [=permission/lifetime=] + varies across user-agents, this specification urges user agents to + limit the lifetime to a single browsing session by default (see + [[[#check-permission]]] for normative requirements). +

+

Privacy considerations for recipients of location information @@ -809,7 +840,7 @@

-
+

Check permission

From 0dd29bc9eb678d6f3749557430fca0d54bac7638 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Mon, 15 Nov 2021 22:13:19 +1100 Subject: [PATCH 4/9] Nits --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 25f61ac..0d8e7bc 100644 --- a/index.html +++ b/index.html @@ -400,7 +400,7 @@

The Geolocation API is a [=powerful feature=] that - requires [=express permission=] from an end-user's before any + requires [=express permission=] from an end-user before any location data is shared with a web application. This requirement is normatively enforced by the [=check permission=] steps on which the {{Geolocation/getCurrentPosition()}} and @@ -410,7 +410,7 @@

A end-user will generally gives [=express permission=] through a user interface, which usually present a range of permission [=permission/lifetimes=] that the end-user can choose from. The - choice of [=permission/lifetimes=] vary across user agent, but they + choice of [=permission/lifetimes=] vary across user agents, but they are typically time-based (e.g., "a day"), or until browser is closed, or the user might even be given the choice for the permission to be remembered indefinitely. The permission [=permission/lifetimes=] From 0f55cc469856da0b301ef034dc072079fcf4b5f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Mon, 15 Nov 2021 22:16:03 +1100 Subject: [PATCH 5/9] Update index.html --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 0d8e7bc..ea8a138 100644 --- a/index.html +++ b/index.html @@ -407,7 +407,7 @@

{{Geolocation/watchPosition()}} methods rely.

- A end-user will generally gives [=express permission=] through a user + An end-user will generally give [=express permission=] through a user interface, which usually present a range of permission [=permission/lifetimes=] that the end-user can choose from. The choice of [=permission/lifetimes=] vary across user agents, but they From ab36d56e9ef99115fa86b96100783a8c57ce5792 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Mon, 15 Nov 2021 22:19:36 +1100 Subject: [PATCH 6/9] Update index.html --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index ea8a138..0f02a7a 100644 --- a/index.html +++ b/index.html @@ -413,7 +413,7 @@

choice of [=permission/lifetimes=] vary across user agents, but they are typically time-based (e.g., "a day"), or until browser is closed, or the user might even be given the choice for the permission to be - remembered indefinitely. The permission [=permission/lifetimes=] + granted indefinitely. The permission [=permission/lifetimes=] dictate how long a user agent [=permission/grants=] a permission before that permission is automatically reverted back to its default [=permission state=], prompting the end-user to make a new choice. From 597f8fece6087bf0fb2074dc74bea6dd66685ac2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Mon, 15 Nov 2021 22:19:49 +1100 Subject: [PATCH 7/9] Update index.html --- index.html | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index 0f02a7a..9db6d24 100644 --- a/index.html +++ b/index.html @@ -416,7 +416,8 @@

granted indefinitely. The permission [=permission/lifetimes=] dictate how long a user agent [=permission/grants=] a permission before that permission is automatically reverted back to its default - [=permission state=], prompting the end-user to make a new choice. + [=permission state=], prompting the end-user to make a new choice + upon subsequent use.

Although the granularity of the permission [=permission/lifetime=] From 95584c73e7b8a19823aee19ec35c65d7072d9201 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 18 Nov 2021 18:27:12 +1100 Subject: [PATCH 8/9] Make sections consistent --- index.html | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/index.html b/index.html index 9db6d24..d5fcf5d 100644 --- a/index.html +++ b/index.html @@ -849,14 +849,14 @@

The Geolocation API is a [=default powerful feature=].

- It is RECOMMENDED that a user agent prioritize restricting the + The user agent MAY suggest + time-based [=permission=] [=permission/lifetimes=], such as "24 + hours", "1 week", or choose to remember the permission + [permission/grant=] indefinitely. However, it is RECOMMENDED that a user agent prioritize restricting the [=permission=] [=permission/lifetime=] to a single session: This can be, for example, until the [=environment settings object/realm=] is destroyed, the end-user [=navigates=] away from the [=origin=], or - the relevant browser tab is closed. The user agent MAY also suggest - time-based [=permission=] [=permission/lifetimes=], such as "24 - hours", "1 week", or choose to remember the permission - [permission/grant=] indefinitely. + the relevant browser tab is closed.

When instructed to check permission, given a From d86891bbf82587d0e75e6d06b3ba8bcd244c81e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 18 Nov 2021 18:27:45 +1100 Subject: [PATCH 9/9] tidy --- index.html | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/index.html b/index.html index d5fcf5d..f83c7e2 100644 --- a/index.html +++ b/index.html @@ -400,8 +400,8 @@

The Geolocation API is a [=powerful feature=] that - requires [=express permission=] from an end-user before any - location data is shared with a web application. This requirement is + requires [=express permission=] from an end-user before any location + data is shared with a web application. This requirement is normatively enforced by the [=check permission=] steps on which the {{Geolocation/getCurrentPosition()}} and {{Geolocation/watchPosition()}} methods rely. @@ -413,11 +413,11 @@

choice of [=permission/lifetimes=] vary across user agents, but they are typically time-based (e.g., "a day"), or until browser is closed, or the user might even be given the choice for the permission to be - granted indefinitely. The permission [=permission/lifetimes=] - dictate how long a user agent [=permission/grants=] a permission - before that permission is automatically reverted back to its default - [=permission state=], prompting the end-user to make a new choice - upon subsequent use. + granted indefinitely. The permission [=permission/lifetimes=] dictate + how long a user agent [=permission/grants=] a permission before that + permission is automatically reverted back to its default [=permission + state=], prompting the end-user to make a new choice upon subsequent + use.

Although the granularity of the permission [=permission/lifetime=] @@ -849,10 +849,10 @@

The Geolocation API is a [=default powerful feature=].

- The user agent MAY suggest - time-based [=permission=] [=permission/lifetimes=], such as "24 - hours", "1 week", or choose to remember the permission - [permission/grant=] indefinitely. However, it is RECOMMENDED that a user agent prioritize restricting the + The user agent MAY suggest time-based [=permission=] + [=permission/lifetimes=], such as "24 hours", "1 week", or choose to + remember the permission [permission/grant=] indefinitely. However, it + is RECOMMENDED that a user agent prioritize restricting the [=permission=] [=permission/lifetime=] to a single session: This can be, for example, until the [=environment settings object/realm=] is destroyed, the end-user [=navigates=] away from the [=origin=], or