diff --git a/index.html b/index.html index 99d656d..009cf4c 100644 --- a/index.html +++ b/index.html @@ -1155,6 +1155,17 @@

Security and privacy considerations

+

+ Web pages often run more- and less-trusted components as the same origin. For example, a + newspaper may run advertising code without sandboxing it into a cross-origin iframe. If the + newspaper has a legitimate reason to use a person's location, that also happens to grant + access to the less trusted advertiser. Without the {{Permissions/query()}} function in this + specification, to read the person's location, an advertisement needs to risk showing a + prompt, which exposes it to detection. With this function, the advertisement can silently + track just the people who've already granted their location to the newspaper. The UA might + provide notice of when permissions are in use on a page which might increase the visibility + of abuse. +

An adversary could use a permission state as an element in creating a "fingerprint" corresponding to an end-user. Although an adversary can already determine the state of a
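Review bot: the new paragraph in this hunk names the real mitigation (isolating the advertiser in a cross-origin iframe) only as an aside and then ends on the non-committal "The UA might provide notice ... which might increase the visibility of abuse", so an author reading this section is left without a concrete recommendation. Suggest closing the paragraph with an explicit statement that sites embedding less-trusted scripts should isolate them in a cross-origin frame, so that a grant to the site's origin is not shared with the embedded script, and with a clarifying sentence that {{Permissions/query()}} never grants access by itself; its effect here is only to remove the prompt the advertiser would otherwise have to risk. Two wording nits in the same lines: "run more- and less-trusted components as the same origin" reads better as "in the same origin", and "notice of when permissions are in use on a page which might increase" wants a comma before "which" (or "that").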