It'd be nice if user agents had the option to separate this into another permission - I can imagine situations where I'd be okay with having a badge shown but I don't want to see any notifications.

In my ideal world, even if a user agent doesn't think badging requires express permission for badging I'd like to be able to opt out of it.

Are we able to add a more granular permission later?

Yeah, it's complicated :(

That (showing the badge) controlled by the OS, so that gets us back to not requiring the granular permission. But yes, the Notifications API itself needs to control this, because it is ultimately the source of truth and policy enforcement point here.

We might need to discuss this with @annevk.

I see this text was removed from the PR?

Declarative Web Push will continue to require the notification permission, mainly because there's always a notification and badging is an aside, but I could see the Badge API not requiring it as it's not explicitly exposed. But it would be weird if in some user agents it only shows up after the notification permission is obtained. That would not be a great story for web developers.

@annevk, take a look at the discussion in #110

On the one hand, there is a nice quality here in that it leaves showing the badge entirely under the user's control.

The other nice quality, on macOS at least, is that it automatically and unobtrusively prompts for notification permission when .setAppBadge() is called.

Irrespective, setting the badge has succeeded, so the permission check doesn't actually need to come into play here.

In #110, @mkruisselbrink suggests maybe having an API addition whereby a developer could check if badging requires notification permission to show up (at the platform/browser level). That could solve the problem of having to do platform/UA sniffing, while being privacy preserving.

something like at static (joke name):

Notification.platfromWillShowBadgeWithoutRequestingPermission;

Yeah, that might be reasonable; slightly better bike shed color: Notification.showingAppBadgeRequiresPermission.

Yeah, and I guess it wouldn't expose any more information because you should be able to infer what that bit is set to from the user-agent.

👍 from me.

I agree that having such a field makes sense. From experimenting a while ago it seemed to me that the macOS OS level permissions behavior was such that a macOS application does not need notifications permissions to display an app badge if it doesn't otherwise interact with the notifications system in any way (which is why app badging works at all in PWAs on Chrome on mac today), but as soon as an application does anything with notifications a previously visible app badge will disappear until/unless the user approved notifications permission. With that it might not be quite true that it is entirely derivable from the user agent, but we might still just return true for all sites checking that field on Chrome on macOS, as I don't think the OS exposes a similar field and it's probably not worth trying to keep track of it on the Chrome side.

I need to think about this a bit... but I wonder if this could be a fine grained permissions policy check like: navigator.permissions.query("notifications-badging");.

Also, that might allow us to have an all around better permissions policy behavior for this feature.... it's currently restricted to same-origin domain. We should make it work like any other feature with respect to permissions policy.