I bet this will be abused like hell and not only by Facebook with their every second crap, but also by ad makers and malware websites displaying on your desktop notifications styled similar to how your OS will diplay saying "your system is infected, download this to be saved..."
Better analytics= another spyware and money making feature from Google.
Whow is htis helping the use?

Well, you have to allow each site to show notifications first...

Meh, what about Wayland support?

I find this very annoying. Web browsers have become a heck of a lot more bloated/complicated/slow without adding any new USABILITY compared to what they were... 20 years ago. 20 years ago, a web browser would run happily on a 386 with 4 MB of RAM (despite that hardware being horribly obsolete), and they were fast and light, and worked great.

You still can : http://www.dillo.org/
As of now, yes, but how long until it becomes the default?

S.

I suspect that many will disagree with me, but I prefer web browsers that separate websites from the OS. I don't like the idea of a browser pushing messages from a website into my OS. Danny3 is correct, no doubt ads are going to abuse this system. If it becomes the norm, I'm just going to have to set my browser's default configuration to reject the messaging.

I bet soon Google will turn that on for their services by default.
And you will have to figure out who sent that message to your screen and where is the OPT-OUT configuration.
Just imagine how easy it't for average Joe to opt-out or turn it off completely.

I think this will be the same as it was with "automatic updates"
Once a useful feature and good for your security, now it's big risk to do that, to trust the issueing company so blindly.
In my opinion the "automatic updates" in Windows and Chrome it's a backdoor and a major security problem.

It looks to me that this situation is similar and once you trust a website to send you notifications, then they can send you anything including ads and who knows, in the future they may add the possibility to send videos, executables or "payloads" means that this is already implemented...

"sites can now detect when a notification is closed by the user"
I bet some nasty webdevelopers when will see the user closed the notification, will send 1 more, 3 more 100 just to see how fast a use can close tens of them.

I just hope Firefox will do the right thing and protect our security and privacy.

And how will they do that, pray tell? It's a standardised API.
This isn't a basic implementation detail that is easily changeable without breaking cross browser support.

The alternative to automatic updates is not being secure. If you don't trust the software provider, better not use the software rather than run an old, outdated, unsupported, vulnerable version.

Those permissions can be easily withdrawn and I doubt videos or other arbitrary content are going to be added to the standard any time soon.

That's an implementation detail, at best.
Firstly, there is already the functionality to block duplicate notifications through tags. If this became a required attribute, you couldn't push multiple messages from the same source simultaneously, filling up your screen.

Secondly, not all desktop notification daemons even support displaying multiple notifications simultaneously.

Lastly, If you find a notification that is trying to spam your desktop, you can quite easily remove permissions again. On Windows, it's as easy as clicking the gear icon that is attached to every notification, forcing the notification to stay open while you change permissions.

They're doing the exact same thing Google is doing. Providing access to a standard API.

I read the spec now, fair enough. Although I wouldn't put it past chrome to "work around" this limitation for google services.


At some point, you will remove the browser itself from allowed notifiers, believe me.
At some point web people will want control over appearance of the notifications (I already see this at work). How is this going to work then? Will you suddenly see an Win10 themed notification on OSX?
Allowing remote people to control stuff on my PC is pretty worrisome.

API is one thing, implementation is another. For instance : cookies are an api, the possibility to allow only top level cookies and/or blacklist is an implementation.