Suggest adding a PositionError entry for requests denied because of origin

[yell0wd0g]

From https://bugs.chromium.org/p/chromium/issues/detail?id=630305:

Refer to https://developers.google.com/web/updates/2016/04/geolocation-on-secure-contexts-only

Since Chrome 50, HTTP origins are not allowed to access (among other things) the geolocation API. The above page provides rationale on why this was done, as well as a method to detect if geolocation has been disabled by the browser due to an insecure origin. Unfortunately, as the page itself notes, this detection method is "quite brittle", using a hard-coded English-language string to determine whether the user or the browser blocked the geolocation request. A far better option would be to return a discrete error code that allows developers to distinguish this case.

I suggest an additional field on the PositionError interface, something like PERMISSION_DENIED_INSECURE_ORIGIN = 4. Alternatively the navigator.geolocation property could be undefined on insecure origins (because let's face it, if the API is inaccessible due to browser security restrictions, it might as well not be there at all). Either way, this would give developers a sure way to know that they cannot depend on geolocation being available.

[reillyeon]

This was resolved by #34.