Open Bug 1266634 Opened 5 years ago Updated 5 years ago

Rate limit permission requests from sites that ask too many times


(Toolkit :: Notifications and Alerts, defect)

Not set




(Reporter: lina, Unassigned)



If a site asks for a particular permission, and the user repeatedly ignores the request, we should automatically deny it for the session.

We can use heuristics to determine acceptable usage, and set the threshold accordingly. For example, we could be more lenient for permission requests in response to user interaction, or pages that the user visits more frequently, as opposed to drive-by requests on page load.

It sounds like Chrome has a global blacklist of origins where users don't grant permissions. This wouldn't be as sophisticated, but it's a step toward encouraging sites to do the right thing.
You need to log in before you can comment on or make changes to this bug.