This might be easier than refusing permission every time - it sounds like I can just not click it. I really dislike location permission things. I don't know what location will be shared, I don't use anything that needs a precise location, and I don't ever want to share my actual location. If location permission things showed me a map with where they think I am and let me click a (vague) location to share, I might use them, but currently to find nearest stores or whatever I just type in a postcode or use their map.
Edit: this has prompted me to go find a way to turn off location permission requests in the browser settings. It turns out you can do it under Privacy and Security > Site Settings in Firefox and Chrome.
This seems pretty sketchy, and I don't really understand what prevents a website from clickjacking.
The original flow is awkward, but also renders the permission element in a location that can't be clickjacked, thus offering some protection from geolocation.
It explicitly pops up the confirmation dialog even though user has previously DENIED that geolocation permission dialog. The whole thing is only created because they see "high denial rates" and want to create a way to permanently undo these denials.
The spec doesn't mandate such behaviour, that's up to the user agent to implement.
I've had to deal with plenty of people who couldn't do things like use Jitsi or other web apps because they missed or denied the permission prompt before reading them. The tiny icons in the address bar are barely recognised as clickable items by most users, which is a good thing for toning down annoyances but an awful inconvenience when trying to help people.
In a few cases, the solution to "accidentally dismissed permission popup" was "make everyone else download an app full of trackers".
Jitsi is about audio / video where this would make more sense, not about geolocation.
Geolocation based on IP address is always done in the background, so they already know what city you are from. But Google wants to have the nice high-precision location from our GPS chips so they can permanently associate the IP address, and available WIFIs/Bluetooth/network devices and all related MAC addresses to a specific building.
And they want to have this specific functionality so they can organically trick non-power-users who got accustomed to the permission popup dialogs into re-sharing their location.
The audio/video version is in the works [1]. I imagine geolocation just got to this stage first because it's far simpler.
And IP-based geolocation is really unreliable beyond the country level. It depends on ISPs using a different pool of IP addresses for each city. That seems to be the norm in the US, but is not how every ISP runs their operation
I'm a bit confused about how it actually works, and somehow they decided to not include a demonstration video.
If clicking on it does trigger a location permission prompt: what's the point? The "issues" with prompts getting denied can already be solved by web developers doing this themselves, rather than just blindly firing off a request on page load.
If clicking on it does not trigger a location permission prompt: have we forgotten about the Line Of Death [0]? Clicking random website-styled elements should never result in dangerous actions being taken - and leaking the user's physical location is definitely dangerous. Sure, they are trying to restrict the styling, but that's a fools' errant: somebody will just make a browser game where the button looks to refer to something ingame, but actually leak your real-world location.
Besides, who's actually asking for this? Location is perhaps useful for Google Maps-like websites to save you a few seconds of scrolling, but in practice it has mostly been spammy websites trying to get me to "subscribe to local news". Making geolocation easier is the last thing I want in my browser!
No, I mean adding a "use your location" button yourself which the user has to click before it uses the geolocation API, rather than just blindly requesting it on page load.
The only reason people block it in settings is because they get sick of nagging prompts they never asked for.
Ah, gotcha. So this change is giving developers a more standardised way to follow that "add a button, pop up permission dialog" pattern that will hopefully drive more of them away from the bad pattern?
You get prompted to supply your location just like normal.
Using geolocation on the web is not something I do daily, but I do use it every now and then. The "locate stores near me" button for looking up store closing times is a lot easier than manually panning across a map.
I find Chrome's current implementation (on Android) to be acceptable as long as measures are taken to prevent clickjacking and such to automate repeating prompts after denying permissions. I expect other browsers like Firefox to be more conservative in showing popups like that.
Contextual permissions are a big improvement over early and uncertain prompts. I will never agree to grant my permission when first loading a page, however, I may do so if intentionally activating a map widget. At least then I understand the context by which it's being asked, and can make a more informed decision.
Maybe for tracking purposes, because most google-affiliated CDNs are widely blocked and unpkg might be small enough to not immediately raise eyebrows with devs. Unpkg removed their SPONSORS.md file recently, and their README claims to be hosted at fly.io which seems to be behind Cloudflare.
Try to use some critical thinking here before immediately jumping into conspiracy theories. Maybe start with reading the actual post rather than just seeing Google and geolocation in the same sentence and forming your opinion based on that.
Unfortunately extending benefit of the doubt towards US tech companies is a luxury not everybody can or wants to afford. There is a clear pattern of enshittification of their products.
As you assume that GP has not read the post, how about you?
Because google clearly state that the "high denial rates" are a problem, but their framing of the issue is that the users have a "context gap" which needs to be fixed. Because they are convinced that even though users have decided against geolocation sharing with a specific website they want to get prompted about it over and over again as part of the organic interface of the website. And if they un-block it once over the new interface then the previous block will be forgotten and the permission will forever be granted.
A solution respecting their users would be to allow geolocation for duration of the browser tab, but that is clearly not in line with their data collection goals for their advertisers.
Main purpose of this seems to offer a way for undoing "previously blocked location access" by the user.
> If a prompt appears unexpectedly, users may block it reflexively or accidentally, unaware that this decision creates a permanent block that is difficult to reverse. This context gap—rather than the feature itself—is a primary driver of high denial rates.
> If a user previously blocked location access when browsing a site (perhaps by accident or lack of context), clicking the element triggers a specialized recovery flow. This helps them re-enable location at the moment when they actually want to use location, without the friction of navigating deep into the browser's site settings.
Google sees "high denial rates" when they try ask users for their geolocation. This is a problem for Google's customers, the advertisers. So they introduce this <geolocation> HTML tag so that dark patterns can be employed to trick users into permanently sharing location even though they have blocked location sharing before.
If the Google engineers who are working on this feature would actually give a damn about users who decided to block geolocation access, this feature would be designed as a "temporary access to geolocation for duration of browser session".
So basically it is all about more tracking and less data privacy.
It's overdue that skilled engineers provide better solutions than this crap, but of course it's much easier to be apolitical and become a millionaire working for a bunch of tech bros who visited Epstein's island.
Yeah they cited Zoom as a successful case study, but why does Zoom need access to my location in the first place? Asking me when I click the <geolocation> button will not change my decision to block.
Also I’m not sure about the argument of context disconnect. Properly designed websites will only ask for (and prompt the location permission modal) when it really needs it.
I'm not familiar with how this process went in this case, the blog post seems to suggest that feedback from other vendors was incorporated. Can you elaborate on the outstanding issues?
As noted in the intent to ship for both, these are a very specific narrow cases chipped off a bunch broader attempt to offer declarative ways to handle permissions in general, a <permission> element.
The root problem is that permissions right now are super hard to adjust for users (and the way they are exposed to the page is not very good at dealing with users turning permissions on and off either). It's imo very good that we are finally leaving this awful tarpit of design, & moving towards permissions being more fluid. I get that other browsers wanted to be conservative & not do a generic <permission> element, but given how big an improvement this feels like, I sort of wish it'd gotten the pass.
> The root problem is that permissions right now are super hard to adjust for users
Unlike you I'm not getting paid enough by google to accept this narrative. The root problem for google is "high denial rates" of geolocation prompts, as clearly stated by Google in the post.
Now please tell me what information the geolocation prompt actually provides to the website that cannot be taken from the IP address, which is already tracked and processed by google and every single website tracking tool. IP address tells the website about the city where users come from.
The root problem with "high denial rates" is that Google wants to know if you live in the rich part of town or in the poor part of town. This is why google engineers try to find new ways for users to permanently undo their blocking of geolocation permission.
If google engineers had any concern about their users, then the default option would be a way to temporarily allow geolocation for duration of the browser session, e.g. when you need to really use google maps. And after the browser window closes it would later go back to the previously blocked state from before.
This might be easier than refusing permission every time - it sounds like I can just not click it. I really dislike location permission things. I don't know what location will be shared, I don't use anything that needs a precise location, and I don't ever want to share my actual location. If location permission things showed me a map with where they think I am and let me click a (vague) location to share, I might use them, but currently to find nearest stores or whatever I just type in a postcode or use their map.
Edit: this has prompted me to go find a way to turn off location permission requests in the browser settings. It turns out you can do it under Privacy and Security > Site Settings in Firefox and Chrome.
> easier than refusing permission every time
Most browsers allow setting default permissions for all sites at once.
Not default permissions, it turns out, but you have a global choice between letting sites ask for permission or blocking the requests entirely.
This seems pretty sketchy, and I don't really understand what prevents a website from clickjacking.
The original flow is awkward, but also renders the permission element in a location that can't be clickjacked, thus offering some protection from geolocation.
It still pops up a permission confirmation dialog
It explicitly pops up the confirmation dialog even though user has previously DENIED that geolocation permission dialog. The whole thing is only created because they see "high denial rates" and want to create a way to permanently undo these denials.
The spec doesn't mandate such behaviour, that's up to the user agent to implement.
I've had to deal with plenty of people who couldn't do things like use Jitsi or other web apps because they missed or denied the permission prompt before reading them. The tiny icons in the address bar are barely recognised as clickable items by most users, which is a good thing for toning down annoyances but an awful inconvenience when trying to help people.
In a few cases, the solution to "accidentally dismissed permission popup" was "make everyone else download an app full of trackers".
Jitsi is about audio / video where this would make more sense, not about geolocation.
Geolocation based on IP address is always done in the background, so they already know what city you are from. But Google wants to have the nice high-precision location from our GPS chips so they can permanently associate the IP address, and available WIFIs/Bluetooth/network devices and all related MAC addresses to a specific building.
And they want to have this specific functionality so they can organically trick non-power-users who got accustomed to the permission popup dialogs into re-sharing their location.
The audio/video version is in the works [1]. I imagine geolocation just got to this stage first because it's far simpler.
And IP-based geolocation is really unreliable beyond the country level. It depends on ISPs using a different pool of IP addresses for each city. That seems to be the norm in the US, but is not how every ISP runs their operation
1: https://developer.chrome.com/origintrials/#/view_trial/37362...
> Jitsi is about audio / video where this would make more sense, not about geolocation.
It's still permission-based. And the article mentions that the same ux is being done for media objects.
I'm a bit confused about how it actually works, and somehow they decided to not include a demonstration video.
If clicking on it does trigger a location permission prompt: what's the point? The "issues" with prompts getting denied can already be solved by web developers doing this themselves, rather than just blindly firing off a request on page load.
If clicking on it does not trigger a location permission prompt: have we forgotten about the Line Of Death [0]? Clicking random website-styled elements should never result in dangerous actions being taken - and leaking the user's physical location is definitely dangerous. Sure, they are trying to restrict the styling, but that's a fools' errant: somebody will just make a browser game where the button looks to refer to something ingame, but actually leak your real-world location.
Besides, who's actually asking for this? Location is perhaps useful for Google Maps-like websites to save you a few seconds of scrolling, but in practice it has mostly been spammy websites trying to get me to "subscribe to local news". Making geolocation easier is the last thing I want in my browser!
[0]: https://textslashplain.com/2017/01/14/the-line-of-death/
> The "issues" with prompts getting denied can already be solved by web developers doing this themselves
Does that mean identifying the browser and trying to tell the user how to go into the browser settings and un-block permission prompts?
No, I mean adding a "use your location" button yourself which the user has to click before it uses the geolocation API, rather than just blindly requesting it on page load.
The only reason people block it in settings is because they get sick of nagging prompts they never asked for.
Ah, gotcha. So this change is giving developers a more standardised way to follow that "add a button, pop up permission dialog" pattern that will hopefully drive more of them away from the bad pattern?
You get prompted to supply your location just like normal.
Using geolocation on the web is not something I do daily, but I do use it every now and then. The "locate stores near me" button for looking up store closing times is a lot easier than manually panning across a map.
I find Chrome's current implementation (on Android) to be acceptable as long as measures are taken to prevent clickjacking and such to automate repeating prompts after denying permissions. I expect other browsers like Firefox to be more conservative in showing popups like that.
Contextual permissions are a big improvement over early and uncertain prompts. I will never agree to grant my permission when first loading a page, however, I may do so if intentionally activating a map widget. At least then I understand the context by which it's being asked, and can make a more informed decision.
I'm curious to why the polyfill example uses unpkg.com. It is quite unreliable and has broken sites many times.
jsdelivr.com is much more reliable (Multi-CDN, Multi-DNS). Comparison: https://www.jsdelivr.com/unpkg
I am not affiliated in anyway to jsdeliver or unpkg. I simply used to be a user on unpkg.
Maybe for tracking purposes, because most google-affiliated CDNs are widely blocked and unpkg might be small enough to not immediately raise eyebrows with devs. Unpkg removed their SPONSORS.md file recently, and their README claims to be hosted at fly.io which seems to be behind Cloudflare.
I wonder if this new element is used by MapLibre.
The demo crashes Chrome on Android for me.
https://permission.site/geolocation_element.html
Works on my phone (after enabling the experiment in chrome-flags). Even includes localised permission prompts.
Also crashed for me on Chrome on Mac
I just don't get it. Why is this needed?
But I have no doubt there is a play happening here.
Probably it will change over time to make gathering data easier?
Or something else that makes Google money.
google.com/maps to capture your location across the whole domain easier than before
Google maps on mobile is directing the user to the native app more and more. So I doubt this. Geolocation on desktop is mostly useless.
Try to use some critical thinking here before immediately jumping into conspiracy theories. Maybe start with reading the actual post rather than just seeing Google and geolocation in the same sentence and forming your opinion based on that.
Unfortunately extending benefit of the doubt towards US tech companies is a luxury not everybody can or wants to afford. There is a clear pattern of enshittification of their products.
As you assume that GP has not read the post, how about you?
Because google clearly state that the "high denial rates" are a problem, but their framing of the issue is that the users have a "context gap" which needs to be fixed. Because they are convinced that even though users have decided against geolocation sharing with a specific website they want to get prompted about it over and over again as part of the organic interface of the website. And if they un-block it once over the new interface then the previous block will be forgotten and the permission will forever be granted.
A solution respecting their users would be to allow geolocation for duration of the browser tab, but that is clearly not in line with their data collection goals for their advertisers.
Main purpose of this seems to offer a way for undoing "previously blocked location access" by the user.
> If a prompt appears unexpectedly, users may block it reflexively or accidentally, unaware that this decision creates a permanent block that is difficult to reverse. This context gap—rather than the feature itself—is a primary driver of high denial rates.
> If a user previously blocked location access when browsing a site (perhaps by accident or lack of context), clicking the element triggers a specialized recovery flow. This helps them re-enable location at the moment when they actually want to use location, without the friction of navigating deep into the browser's site settings.
Google sees "high denial rates" when they try ask users for their geolocation. This is a problem for Google's customers, the advertisers. So they introduce this <geolocation> HTML tag so that dark patterns can be employed to trick users into permanently sharing location even though they have blocked location sharing before.
If the Google engineers who are working on this feature would actually give a damn about users who decided to block geolocation access, this feature would be designed as a "temporary access to geolocation for duration of browser session".
So basically it is all about more tracking and less data privacy.
It's overdue that skilled engineers provide better solutions than this crap, but of course it's much easier to be apolitical and become a millionaire working for a bunch of tech bros who visited Epstein's island.
Yeah they cited Zoom as a successful case study, but why does Zoom need access to my location in the first place? Asking me when I click the <geolocation> button will not change my decision to block.
Also I’m not sure about the argument of context disconnect. Properly designed websites will only ask for (and prompt the location permission modal) when it really needs it.
The Zoom mention was about camera and microphone permission with <permission>, not location:
> Zoom reported a 46.9% decrease in camera or microphone capture errors
Even though the other browser vendors have positive reaction, note how this follows the same pattern Chrome has followed for over a decade:
- scribble on a napkin (explainer)
- ask others for their position
- ship regardless of position or any outstanding issues
- claim it's a new standard
I'm not familiar with how this process went in this case, the blog post seems to suggest that feedback from other vendors was incorporated. Can you elaborate on the outstanding issues?
If you follow the links to browser positions, there are still discussions about various concerns that don't seem to have been addressed.
Yay! Next up, <usermedia>, which is even more vital a permission to be able to flip on and off!! https://github.com/WICG/PEPC/blob/main/usermedia_element.md https://groups.google.com/a/chromium.org/g/blink-dev/c/jQgYo...
As noted in the intent to ship for both, these are a very specific narrow cases chipped off a bunch broader attempt to offer declarative ways to handle permissions in general, a <permission> element.
Intent-to-ship for geolocation: https://groups.google.com/a/chromium.org/g/blink-dev/c/GL0Bk...
Earlier Page-Embedded Permissions Control (PEPC) proposal: https://github.com/WICG/proposals/issues/113 https://github.com/andypaicu/PEPC/blob/main/explainer.md
The root problem is that permissions right now are super hard to adjust for users (and the way they are exposed to the page is not very good at dealing with users turning permissions on and off either). It's imo very good that we are finally leaving this awful tarpit of design, & moving towards permissions being more fluid. I get that other browsers wanted to be conservative & not do a generic <permission> element, but given how big an improvement this feels like, I sort of wish it'd gotten the pass.
> The root problem is that permissions right now are super hard to adjust for users
Unlike you I'm not getting paid enough by google to accept this narrative. The root problem for google is "high denial rates" of geolocation prompts, as clearly stated by Google in the post.
Now please tell me what information the geolocation prompt actually provides to the website that cannot be taken from the IP address, which is already tracked and processed by google and every single website tracking tool. IP address tells the website about the city where users come from.
The root problem with "high denial rates" is that Google wants to know if you live in the rich part of town or in the poor part of town. This is why google engineers try to find new ways for users to permanently undo their blocking of geolocation permission.
If google engineers had any concern about their users, then the default option would be a way to temporarily allow geolocation for duration of the browser session, e.g. when you need to really use google maps. And after the browser window closes it would later go back to the previously blocked state from before.
It's a cognitive dissonance.