W3C home > Mailing lists > Public > public-html@w3.org > October 2012

[Bug 19773] New: Add sandboxed pointer lock flag to HTML Sandboxing

From: <bugzilla@jessica.w3.org>
Date: Tue, 30 Oct 2012 10:25:33 +0000
To: public-html@w3.org
Message-ID: <bug-19773-2495@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=19773

          Priority: P3
            Bug ID: 19773
                CC: ian@hixie.ch, mike@w3.org,
                    public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org, public-webapps@w3.org,
                    scheib@chromium.org
          Assignee: erika.doyle@microsoft.com
            Blocks: 19752
           Summary: Add sandboxed pointer lock flag to HTML Sandboxing
        QA Contact: public-html-bugzilla@w3.org
          Severity: normal
    Classification: Unclassified
                OS: other
          Reporter: eoconnor@apple.com
          Hardware: Other
            Status: NEW
           Version: unspecified
         Component: HTML5 spec
        Depends on: 18647
           Product: HTML WG

+++ This bug was initially created as a clone of Bug #18647 +++

Pointer Lock API [1] adds capability that should be restricted by a sandbox
flag unless an iframe is marked explicitly with sandbox="allow-pointer-lock"

Rough edit suggestion to HTML:
http://dev.w3.org/html5/spec/origin-0.html#sandboxing

Add a section for The sandboxed pointer lock flag
+ "The sandboxed pointer lock flag
+  This flag prevents content from using the Pointer Lock API"
   with link to http://www.w3.org/TR/pointerlock/

Add a new flag parsing item:
After the text: "When the user agent is to parse a sandboxing directive ..."
Add
+ "The sandboxed pointer lock flag, unless tokens contains the
allow-pointer-lock keyword"


[1] http://dvcs.w3.org/hg/pointerlock/raw-file/default/index.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 30 October 2012 10:25:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 30 October 2012 10:25:42 GMT