alt Hacker NewsThis element has an autolocate attribute that will request permission automatically, plus it doesn't supersede the JS api, it simply provides a declarative alternative to it, so sites that follow this negative pattern will keep doing so.
At the same time, there is no reason to not implement this pattern today and require user intent prior to requesting the permission
According to the post, autolocate only does something after a user initiated permission has been granted.
So on the first vist you still need to click the button. On the second visit the callback will be triggered directly.
But, well, nothing prevents a big fat html modal on the page pointing to the button, now does it? If you want to annoy your product^H^H^H^H^H^H^Husers then you can always find ways to do so.