Comment by fidotron
1 hour ago
A better solution would be to make webgl, webgpu and (especially) webrtc have some sort of prompt before they can be in any way used in that fashion, but this will absolutely destroy web ux Windows Vista style.
1 hour ago
A better solution would be to make webgl, webgpu and (especially) webrtc have some sort of prompt before they can be in any way used in that fashion, but this will absolutely destroy web ux Windows Vista style.
And then the gatekeepers like Cloudflare will say "please hit accept in order to verify your browser and access this site".
You mean the "Accept Cookies" banner that has become a complete joke? Pass
It's about explicitly deciding to allow certain capabilities on a per-website basis. No major browser allows defense-in-depth via fine-grained website permissions.
Even simply changing the user agent was sabotaged at Firefox, and choosing one user agent per domain is wishful thinking.
I think he means browser permissions, for example when browsers want notify or record your mic theres a permission check something similar for webgl.
Fun Fact: When Cookies were introduced into Netscape, you got a browser permission prompt. Then browser vendors set it to allow by default.
And then legislation required those consent boxes back, so everyone built their own, instead of demanding that the default should be changed back.