- We will go with install time permission with warning message.
We've considered both install time permission and runtime permission.We have two reasons that we think install time permission is better for this API.The first reason is that this API does not have specific context.The most benefit of opt-in permission is that the application can provide its context to a user.For example, it's reasonable that camera application requests photo-capture-permission when user press capture photo button.
But for this API, when would be the best time to prompt to a user?
The second reason is to keep consistent with platform.Most extension APIs use install time permission except the API has a specific context.
We've considered both install time permission and runtime permission.We have two reasons that we think install time permission is better for this API.The first reason is that this API does not have specific context.The most benefit of opt-in permission is that the application can provide its context to a user.For example, it's reasonable that camera application requests photo-capture-permission when user press capture photo button.But for this API, when would be the best time to prompt to a user?I agree that contextual permission prompts are far superior to install prompts, which is why you should always aim for them when possible.In this case, a strawman could be the first time you try using the launcher when an extension/app has been enabled for it, show a card inline (where you'd usually surface search results):"My Extension wants to show search results here. It can read what you type. [Allow]."This is absolutely contextual.
On Tue, 30 Jun 2015 at 02:34 Benjamin Kalman <kal...@chromium.org> wrote:We've considered both install time permission and runtime permission.We have two reasons that we think install time permission is better for this API.The first reason is that this API does not have specific context.The most benefit of opt-in permission is that the application can provide its context to a user.For example, it's reasonable that camera application requests photo-capture-permission when user press capture photo button.But for this API, when would be the best time to prompt to a user?I agree that contextual permission prompts are far superior to install prompts, which is why you should always aim for them when possible.In this case, a strawman could be the first time you try using the launcher when an extension/app has been enabled for it, show a card inline (where you'd usually surface search results):"My Extension wants to show search results here. It can read what you type. [Allow]."This is absolutely contextual.And I'm not a fan of adding a prompt to the App Launcher UI. Aside from being annoying (and extra work for us), I don't think of this as contextual, because it isn't in response to a user gesture in the application.A contextual prompt is like when I click "Take Photo" in the app and then a prompt appears asking for Camera permission. That makes a lot of sense to the user.Whereas in this case, you're talking about installing an app, and then at some unspecified time later, the user tries to use the App Launcher to search, and gets prompted about some app that they aren't even
necessarily using.
I've enabled the flag, but what is a good extension to test this with?