Focus control in privacy test steps #185
Comments
|
I checked this in GenericSensor, current focused frame and frames that are same-origin with the current focused frame can get sensor readings. |
|
As far as I understand the specs, you are correct and I don't see any issue with this. |
|
I think this is going to be limiting. We want to allow people to embed SDKs like Zoom or Whereby, and we already force them to explicitly set a security polity to allow them to have access. I would say that if they or any parent have focus they should be allowed to have access to the readings in pseudo code: |
|
So an iframe can access to the readings only when any parent has focus and it is same-origin with the focused parent frame, right? |
|
@anssiko what do you think about this approach? |
|
This, as any other new API, should align with the established practice. I'm hearing the use case at hand is an SDK embedded in an iframe. You can look at how we did that in the Battery Status API for the YT embed. For novel approaches, I recommend you seek explicit feedback from the relevant horizontal group(s). You can find the in-flight review requests from #177 and you can augment them with this design consideration. The requests are GH issues filed against each horizontal group's repo. |
According to the spec (as it is written right now), only the focused frame (and anyone same origin with it's origin) can receive events. The frame also has to have all its parents having granted permission policy (auto granted for top level frame) |
|
Let focusedDocument be the topLevelBC's currently focused area's node document. // calls this algo: https://html.spec.whatwg.org/multipage/interaction.html#currently-focused-area-of-a-top-level-browsing-context The currently focused area of a top-level traversable traversable is the focusable area-or-null returned by this algorithm: If traversable does not have system focus, then return null. // Our spec also has that check for top frame, so we could remove that Let candidate be traversable's active document. While candidate's focused area is a navigable container with a non-null content navigable: set candidate to the active document of that navigable container's content navigable. // navigable container == main frame and iframes (and maybe portals in the future) so it iterates to the inner most focused frame If candidate's focused area is non-null, set candidate to candidate's focused area. Return candidate. |
|
Looking over the spec, I think it works as intended. But I think we could discuss whether we should open it up more. Like currently we try to make sure that only one origin get's data at one time, but maybe it is OK that more do if explicitly allowed by setting security policy |
Yes, permission policy has already been considered. If an iframe is not allowed by permission policy, observer in the frame can't call observe() successfully (see code).
|
Only frame C will get access as well as any other document sharing same-origin |
Same as above, only the focused frame (which has allowed policy) and same origin origins can get events |
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4273865 Commit-Queue: Wei4 Wang <[email protected]> Reviewed-by: Raphael Kubo Da Costa <[email protected]> Reviewed-by: Fr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1110203}
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4273865 Commit-Queue: Wei4 Wang <[email protected]> Reviewed-by: Raphael Kubo Da Costa <[email protected]> Reviewed-by: Fr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1110203}
… of focus control, a=testonly Automatic update from web-platform-tests [ComputePressure] Improve implementation of focus control This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4273865 Commit-Queue: Wei4 Wang <[email protected]> Reviewed-by: Raphael Kubo Da Costa <[email protected]> Reviewed-by: Fr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1110203} -- wpt-commits: f72c88ab79843a46ffdf63264e833121811f08d9 wpt-pr: 38601
This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4273865 Commit-Queue: Wei4 Wang <[email protected]> Reviewed-by: Raphael Kubo Da Costa <[email protected]> Reviewed-by: Fr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1110203}
… of focus control, a=testonly Automatic update from web-platform-tests [ComputePressure] Improve implementation of focus control This CL improves implementation of focus control in two ways: 1. Check if FocusController is focused. This can resolve the bug that page not in focus still gets update. 2. Remove IsOutermostMainFrame() check. As discussed in [1], this is not the necessary condition. [1] w3c/compute-pressure#185 Bug: 1403458 Change-Id: I65186b7bd01438ca0c2e5b7e8a09355b5704f8d5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4273865 Commit-Queue: Wei4 Wang <[email protected]> Reviewed-by: Raphael Kubo Da Costa <[email protected]> Reviewed-by: Fr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1110203} -- wpt-commits: f72c88ab79843a46ffdf63264e833121811f08d9 wpt-pr: 38601
|
@wangw-1991 If you consider this as fixed, please close. |
Thanks for reminding. |
Let’s consider a special case. As shown in the picture, Main frame A embedded iframe B, iframe B embedded iframe C, iframe C embedded iframe D. Main frame A and iframe C are same -origin, iframe B and iframe D are same-origin, but Main frame A and iframe B are cross-origin. According to the spec, If we focus on iframe B, observer in Iframe D can receive PressureRecord, right? Because top-level browsing context has system (system focus is actually per window, so if the iframe has focus, the top-level browsing context will have system focus) and the document (iframe D) is same-origin with focused document (iframe B).
The text was updated successfully, but these errors were encountered: