If a site asks for a particular permission, and the user repeatedly ignores the request, we should automatically deny it for the session. We can use heuristics to determine acceptable usage, and set the threshold accordingly. For example, we could be more lenient for permission requests in response to user interaction, or pages that the user visits more frequently, as opposed to drive-by requests on page load. It sounds like Chrome has a global blacklist of origins where users don't grant permissions. This wouldn't be as sophisticated, but it's a step toward encouraging sites to do the right thing.
You need to log in before you can comment on or make changes to this bug.