On Wed, Aug 17, 2016 at 5:02 PM, Anne van Kesteren <
ann...@annevk.nl> wrote:
> The main problem with query as I see it is that since we haven't
> agreed on what permissions are keyed on, an application cannot really
> do anything with the answer it gets from query. E.g., communicating
> the answer with other open tabs and then attempting to use the
> permission there is futile for certain permissions. That kind of thing
> would only work if they are all origin-keyed, but some are per
> session, some are scoped to the top-level browsing context, etc.
Are you suggesting that .query() has terrible flaws or that it is
completely beyond hope of fixing?
I agree that the keys are unclear[1]. But isn't that something that
can be more easily addressed by opening an issue on the spec?
[1] At the moment, the only sensible thing that can be said is that if
you had replaced the .query() call with a call to the corresponding
API, then it would not have failed due to a permission error. That
implies realm+instant-in-time are the keys. This is - of course -
super-useful in the sense that it is left to speculation about how a
result might be applied to predict future behaviour.