Josh Karlin
Josh Karlin
Hi folks. Happy to answer any questions and update documentation to add clarity. You're correct that `selectURL` hinges on fenced frames to prevent data exfiltration. Though the private aggregation API,...
Hey, thanks for your questions/comments Maciej. > Is a per-day rate limit sufficient? It seems like sites that users visit often would be able to extract an arbitrary amount of...
Chrome is 10240 characters at the moment. Not sure if that's something that should be defined in a spec or not.
Or `permissionStatus()`. That said, I'm hoping to remove this call from the API and rely on https://w3c.github.io/permissions/ instead.
+1. Thanks for fixing it Kenji. See commit a61f75d3565ae61c94fc5f606b4a00dd5c2ba222
I've put hasPermission back. I agree that hasPermission sounds like a bool but let's stick with hasPermission since that's what Push has.
Then I vote for `getPermissionStatus()` as it's similar to `getRegistration()`
Agree.
Closing this as I think there is agreement that the UAs need to be careful with regard to user resources.
@mkruisselbrink This is largely a periodic sync issue but even for one-shot the spec should probably say something about resource usage and suggest that the UA cap retries and time...