RE: [widgets] window modes in P&C, was Re: Small question aboutlatestversion of "P&C specs" (11th Mar 2009) from ivan.demarino@orange-ftgroup.com on 2009-05-11 (public-webapps@w3.org from April to June 2009)

From: <ivan.demarino@orange-ftgroup.com>
Date: Mon, 11 May 2009 13:43:25 +0200
To: <arveb@opera.com>, <marcosc@opera.com>
Cc: <public-webapps@w3.org>
Message-ID: <B877D90AB2240C4D84DF56169F1EAFED0632799C@ftrdmel3>

Forgive my ignorance, but... "spoofing attack"? O_o 

I'll explain the scenario I have in mind:
- Widget calls the API "requestModeChange(<string representing a desired
mode>);"
- WUA checks if that mode is valid (the string is valid) and if the WUA
"likes" the mode (there could be WUA that supports only "fullscreen",
for example)
- WUA does a "modechange" on the Widget

Where exactly you think there could be a "confused UI" or a "spoofing"?

---
Ivan De Marino
Orange Labs
Mobile and Web Software Engineer, R&D UK
tel. +44 20 8849 5806
mob. +44 7515 955 861
mob. +44 7974 156 216
ivan.demarino@orange-ftgroup.com

This e-mail, and any files transmitted with it, is intended only for the
use of the person/s or entity to whom it is addressed. If you are not
the intended recipient (or authorised to receive information for the
intended recipient) you must not use, disclose, copy, print or rely on
this e-mail. If an addressing or transmission error has misdirected this
e-mail, please notify the author by replying to this e-mail and delete
all copies of this e-mail.  Thank you.

France Telecom R&D UK Ltd is a company registered in England and Wales
with company number 4193379. Our registered office is Minerva House,
Montague Close, London, SE1 9BB.

-----Original Message-----
From: Arve Bersvendsen [mailto:arveb@opera.com] 
Sent: 11 May 2009 12:25
To: DE MARINO Ivan RD-ILAB-LON; marcosc@opera.com
Cc: public-webapps@w3.org
Subject: Re: [widgets] window modes in P&C, was Re: Small question
aboutlatestversion of "P&C specs" (11th Mar 2009)

On Mon, 11 May 2009 13:14:40 +0200, <ivan.demarino@orange-ftgroup.com>
wrote:

> About the "widget requesting a resize", I sent in the past an email to

> Arve about something similar but not quite the same: a sort of 
> "request mode change" or something. This would allow widgets to ASK 
> the WUA for "mode change".
> Any news about that?

As I've noted in the past, I don't really think this is a good idea, as
the distinction between "floating" and "application" (or whatever we do
with this in the end), will result in a confusing UI at best. At worst,
we could end with UI spoofing attacks.

--
Arve Bersvendsen

Opera Software ASA, http://www.opera.com/

Received on Monday, 11 May 2009 11:45:18 UTC