No way to determine if geolocation API is blocked by user or browser (origin type)
Reported by
the.assi...@gmail.com,
Jul 21 2016
|
||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 Steps to reproduce the problem: Refer to https://developers.google.com/web/updates/2016/04/geolocation-on-secure-contexts-only Since Chrome 50, HTTP origins are not allowed to access (among other things) the geolocation API. The above page provides rationale on why this was done, as well as a method to detect if geolocation has been disabled by the browser due to an insecure origin. Unfortunately, as the page itself notes, this detection method is "quite brittle", using a hard-coded English-language string to determine whether the user or the browser blocked the geolocation request. A far better option would be to return a discrete error code that allows developers to distinguish this case. I suggest an additional field on the PositionError interface, something like PERMISSION_DENIED_INSECURE_ORIGIN = 4. Alternatively the navigator.geolocation property could be undefined on insecure origins (because let's face it, if the API is inaccessible due to browser security restrictions, it might as well not be there at all). Either way, this would give developers a sure way to know that they cannot depend on geolocation being available. What is the expected behavior? What went wrong? N/A Did this work before? N/A Chrome version: 51.0.2704.103 Channel: stable OS Version: 8.1 x64 Flash Version: Shockwave Flash 22.0 r0
,
Mar 13 2017
Submitted https://github.com/w3c/geolocation-api/issues/11 since this is a Spec-bug more than an implementation bug.
,
Mar 22 2017
Spec issue is the correct location for this.
,
Sep 22 2017
,
Sep 22 2017
|
||||
►
Sign in to add a comment |
||||
Comment 1 by ajha@chromium.org
, Jul 22 2016Components: Blink>Location
Labels: M-54
Status: Untriaged (was: Unconfirmed)