The Geolocation API provides access to geographical location
information associated with the hosting device.
Status of This Document
This section describes the status of this
document at the time of its publication. A list of current W3C
publications and the latest revision of this technical report can be found
in the W3C technical reports index at
https://www.w3.org/TR/.
The Devices and Sensors Working Group is updating this specification in
the hope of making it a "living standard". As such, we've dropped the
"Editions" and aim to continue publishing updated W3C Recommendations
of this specification as we add new features or fix bugs.
Publication as a Candidate Recommendation does not
imply endorsement by W3C and its Members. A Candidate Recommendation Snapshot has received
wide review, is intended to
gather
implementation experience,
and has commitments from Working Group members to
royalty-free licensing
for implementations.
Future updates to this specification may incorporate
new features.
This Candidate Recommendation is not expected to advance to Proposed
Recommendation any earlier than 18 March 2022.
This document was produced by a group
operating under the
W3C Patent
Policy.
W3C maintains a
public list of any patent disclosures
made in connection with the deliverables of
the group; that page also includes
instructions for disclosing a patent. An individual who has actual
knowledge of a patent which the individual believes contains
Essential Claim(s)
must disclose the information in accordance with
section 6 of the W3C Patent Policy.
The Geolocation API defines a high-level interface to
location information associated only with the device hosting the
implementation. Common sources of location information include Global
Positioning System (GPS) and location inferred from network signals
such as IP address, RFID, WiFi and Bluetooth MAC addresses, and
GSM/CDMA cell IDs, as well as user input. The API itself is agnostic of
the underlying location information sources, and no guarantee is given
that the API returns the device's actual location.
Provides location data as latitude, longitude, altitude, speed, and
heading, as well as the accuracy of the acquired location data, and the
approximate time for when the position was acquired via the
GeolocationPosition interface.
Supports "one-shot" position updates via the
getCurrentPosition() method and the ability to receive
updates for when the position of the hosting device significantly
changes via the watchPosition() method.
Using the PositionOptions's maximumAge,
allows an application to request a cached position whose age is no
greater than a specified value (only the last position is cached).
And through enableHighAccuracy, supports
requesting "high accuracy" position data, though the request can be
ignored by the user agent.
1.1
Scope
This section is non-normative.
This specification is limited to providing a scripting API for
retrieving geographic position information associated with a hosting
device. The geographic position information is provided in terms of
World Geodetic System coordinates [WGS84]. It does not include
providing a markup language of any kind, nor does not include
defining a new URL scheme for building URLs that identify geographic
locations.
1.2
Change log
This section is non-normative.
Since First Public Working Draft in 2021, the Geolocation
API has received the following normative changes:
Since publication of the Second Edition in 2016, this specification
has received the following changes:
Request a position only proceeds when a document is visible,
or the document becomes visible.
Clarified how caching works as part of acquiring a position:
only last position is cached, and can be evicted at any time.
Now relies on the Permissions specification to handle
permission grants, and user interface requirements.
The errorCallback is now nullable.
The API can be controlled by Permissions Policy, which
restricts how/where the API is exposed to web pages.
The callbacks are no longer treated as "EventHandler" objects
(i.e., objects that have a .handleEvent() method), but are now
exclusively treated as IDL callback functions.
The API is now only exposed in Secure Contexts (i.e., only
available in HTTPS).
The interfaces no longer use [WebIDL]'s legacy
[NoInterfaceObject], so Geolocation and other interface of this
spec are now in the global scope. Also, the interfaces were renamed
from NavigatorGeolocation* to just Geolocation*.
By default, the API always attempts to return a cached position so
long as it has a previously acquired position. In this example, we
accept a position whose age is no greater than 10 minutes. If the
user agent does not have a fresh enough cached position object, it
automatically acquires a new position.
2.6
Using timeout
If you require location information in a time sensitive manner, you
can use the PositionOptionstimeout member to
limit the amount of time you are willing to wait to acquire a position.
2.7
Enabling the API in third-party contexts
This section is non-normative.
The default allowlist of 'self' allows Geolocation API usage
in same-origin nested frames but prevents third-party content from
using the API.
Third-party usage can be selectively enabled by adding the
allow="geolocation" attribute to an iframe element:
Alternatively, the API can be disabled in a first-party context by
specifying an HTTP response header:
See Permissions Policy for more details about the
Permissions-Policy HTTP header.
3.
Privacy considerations
This section is non-normative.
The API defined in this specification is used to retrieve the
geographic location of a hosting device. In almost all cases, this
information also discloses the location of the user of the device,
thereby potentially compromising the user's privacy.
An end-user will generally give express permission through a user
interface, which usually present a range of permission
lifetimes that the end-user can choose from. The
choice of lifetimes vary across user agents, but they
are typically time-based (e.g., "a day"), or until browser is closed,
or the user might even be given the choice for the permission to be
granted indefinitely. The permission lifetimes dictate
how long a user agent grants a permission before that
permission is automatically reverted back to its default permission state, prompting the end-user to make a new choice upon subsequent
use.
Although the granularity of the permission lifetime
varies across user-agents, this specification urges user agents to
limit the lifetime to a single browsing session by default (see
3.4
Checking permission to use the API for normative requirements).
3.2
Privacy considerations for recipients of location information
This section is non-normative.
Note: Developers' responsibility with this sensitive data
This section applies to "recipients", which generally means
developers utilizing the Geolocation API. Although it's
impossible for the user agent, or this specification, to enforce
these requirements, developers need to read this section carefully
and do their best to adhere to the suggestions below. Developers need
to be aware that there might be privacy laws in their jurisdictions
that can govern the usage and access to users' location data.
Recipients ought to only request position information when necessary,
and only use the location information for the task for which it was
provided to them. Recipients ought to dispose of location information
once that task is completed, unless expressly permitted to retain it
by the user. Recipients need to also take measures to protect this
information against unauthorized access. If location information is
stored, users need to be allowed to update and delete this
information.
The recipients of location information need to refrain from
retransmitting the location information without the user’s express
permission. Care needs to be taken when retransmitting and the use of
encryption is encouraged.
Recipients ought to clearly and conspicuously disclose the fact that
they are collecting location data, the purpose for the collection,
how long the data is retained, how the data is secured, how the data
is shared if it is shared, how users can access, update and delete
the data, and any other choices that users have with respect to the
data. This disclosure needs to include an explanation of any
exceptions to the guidelines listed above.
3.3
Implementation considerations
This section is non-normative.
Implementers are advised to consider the following aspects that can
negatively affect the privacy of their users: in certain cases, users
can inadvertently grant permission to the user agent to disclose
their location to websites. In other cases, the content hosted at a
certain URL changes in such a way that the previously granted
location permissions no longer apply as far as the user is concerned.
Or the users might simply change their minds.
Predicting or preventing these situations is inherently difficult.
Mitigation and in-depth defensive measures are an implementation
responsibility and not prescribed by this specification. However, in
designing these measures, implementers are advised to enable user
awareness of location sharing, and to provide access to user
interfaces that enable revocation of permissions.
When checking permission
to use the API, a user agent MAY suggest time-based permissionlifetimes, such as "24 hours", "1 week", or choose to
remember the permission grant indefinitely. However,
it is RECOMMENDED that a user agent prioritize restricting the
permissionlifetime to a single session: This can
be, for example, until the realm is
destroyed, the end-user navigates away from the origin, or
the relevant browser tab is closed.
4.
Security considerations
There are no security considerations associated with Geolocation API at
the time of publication. However, readers are advised to read the
3.
Privacy considerations.
Instances of Geolocation are created with the internal slots in
the following table:
Internal slot
Description
[[cachedPosition]]
A GeolocationPosition, initialized to null. It's a reference
to the last acquired position and serves as a cache. A user agent
MAY evict [[cachedPosition]] by resetting it to
null at any time for any reason.
Wait for a significant change of
geographic position. What constitutes a significant
change of geographic position is left to the implementation.
User agents MAY impose a rate limit on how frequently position
changes are reported.
Create an implementation-specific timeout task that elapses at
timeoutTime, during which it tries to acquire the device's position
by running the following steps:
Otherwise, if position is not cachedPosition, try to
acquire position data from the underlying system, optionally
taking into consideration the value of
options.enableHighAccuracy during
acquisition.
If the timeout elapses during acquisition, or acquiring
the device's position results in failure:
The enableHighAccuracy member provides a hint that the
application would like to receive the most accurate location data.
The intended purpose of this member is to allow applications to
inform the implementation that they do not require high accuracy
geolocation fixes and, therefore, the implementation MAY avoid using
geolocation providers that consume a significant amount of power
(e.g., GPS).
Note: A word of warning about enableHighAccuracy
7.2
timeout member
The timeout member denotes the maximum length of time,
expressed in milliseconds, before acquiring a position expires.
The maximumAge member indicates that the web application
is willing to accept a cached position whose age is no greater than
the specified time in milliseconds.
The latitude and longitude attributes are
geographic coordinates specified in decimal degrees.
The accuracy attribute denotes the accuracy level of the
latitude and longitude coordinates in meters (e.g., 65 meters).
9.2
altitude and altitudeAccuracy attributes
The altitude attribute denotes the height of the position,
specified in meters above the [WGS84] ellipsoid.
The altitudeAccuracy attribute represents the altitude
accuracy in meters (e.g., 10 meters).
9.3
heading attribute
The heading attribute denotes the direction of travel of
the hosting device and is specified in degrees, where 0° ≤ heading
< 360°, counting clockwise relative to the true north.
9.4
speed attribute
The speed attribute denotes the magnitude of the
horizontal component of the hosting device's current velocity in
meters per second.
9.5
Constructing a GeolocationPosition
A new GeolocationPosition is constructed with
EpochTimeStamptimestamp and boolean
isHighAccuracy by performing the following steps:
Initialize coord's latitude
attribute to a geographic coordinate in decimal degrees.
Initialize coord's longitude
attribute to a geographic coordinate in decimal degrees.
Initialize coord's accuracy
attribute to a non-negative real number. The value SHOULD
correspond to a 95% confidence level with respect to the
longitude and latitude values.
Initialize coord's altitude
attribute in meters above the [WGS84] ellipsoid, or null if
the implementation cannot provide altitude information.
Initialize coord's
altitudeAccuracy attribute as
non-negative real number, or to null if the implementation
cannot provide altitude information. If the altitude accuracy
information is provided, it SHOULD correspond to a 95% confidence
level.
Initialize coord's speed
attribute to a non-negative real number, or as null if the
implementation cannot provide speed information.
Initialize coord's heading
attribute in degrees, or null if the implementation cannot
provide heading information. If the hosting device is stationary
(i.e., the value of the speed
attribute is 0), then initialize the
heading to NaN.
Return a newly created GeolocationPosition instance with its
coords attribute initialized to coords and
timestamp attribute initialized to
timestamp, and its [[isHighAccuracy]]
internal slot set to isHighAccuracy.
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The key words MAY, MUST, RECOMMENDED, and SHOULD in this document
are to be interpreted as described in
BCP 14
[RFC2119] [RFC8174]
when, and only when, they appear in all capitals, as shown here.
This specification builds upon earlier work in the industry, including
research by Aza Raskin, Google Gears Geolocation API, and
LocationAware.org.
Thanks also to Alec Berntson, Alissa Cooper, Steve Block, Greg
Bolsinga, Lars Erik Bolstad, Aaron Boodman, Dave Burke, Chris Butler,
Max Froumentin, Shyam Habarakada, Marcin Hanclik, Ian Hickson, Brad
Lassey, Angel Machin, Cameron McCormack, Daniel Park, Stuart Parmenter,
Olli Pettay, Chris Prince, Arun Ranganathan, Carl Reed, Thomas
Roessler, Dirk Segers, Allan Thomson, Martin Thomson, Doug Turner, Erik
Wilde, Matt Womer, and Mohamed Zergaoui.