Confirmed users
596
edits
CloudServices/Notifications/Push/API: Difference between revisions
CloudServices/Notifications/Push/API (view source)
Revision as of 18:20, 5 February 2012
, 5 February 2012→Feedback: reformat (no word changes)
(→Server API: privacy) |
m (→Feedback: reformat (no word changes)) |
||
| Line 111: | Line 111: | ||
<i> | <i> | ||
(No feedback mechanism is listed, so I'm putting it here; feel free to point me elsewhere :-) | (No feedback mechanism is listed, so I'm putting it here; feel free to point me elsewhere :-) | ||
<blockquote> | |||
* Is the "body" plain text or HTML, or something else? | |||
* Are clients forced to support actionURL (the notification system currently used in Ubuntu, for example, specifically removed support for clicking on a notification to take an action)? | |||
- | * What are the rules, if any, about cookie-sending and Referer and Origin when the actionURL is accessed? | ||
* Are there maximum lengths for any of the fields? | |||
* What about icons of multiple sizes? | |||
* Does iconURL lead to a privacy issue because the site can see if the user has read the notification? Can we allow, or require, inline icons? | |||
* Are there rules or guidelines to avoid accidentally clashing replaceIDs, such as a "org.mozilla.notification-somerandomstring" convention? | |||
* How can we mitigate the problem of one (authorized) site spoofing notifications that look like those from another site? Will the in-browser UI show the origin of the notification? | |||
Gerv | |||
</blockquote> | |||
<p> | |||
<blockquote> | |||
* How does this handle a user who uses two different Web browsers? (e.g. IE at work and Firefox at home) | |||
Hixie | |||
</blockquote> | |||
<p> | |||
<blockquote> | <blockquote> | ||
* How is the privacy impact of following the user (IP addresses, usage times) reduced to the absolute minimum possible? | * How is the privacy impact of following the user (IP addresses, usage times) reduced to the absolute minimum possible? | ||