[csswg-drafts] [css-nav-1] hostile iframes (#3390) from Florian Rivoal via GitHub on 2018-12-03 (public-css-archive@w3.org from December 2018)

From: Florian Rivoal via GitHub <sysbot+gh@w3.org>
Date: Mon, 03 Dec 2018 07:57:57 +0000
To: public-css-archive@w3.org
Message-ID: <issues.opened-386698819-1543823876-sysbot+gh@w3.org>

frivoal has just created a new issue for https://github.com/w3c/csswg-drafts:

== [css-nav-1] hostile iframes ==
---

Migrated from https://github.com/WICG/spatial-navigation/issues/58
Originally created by @frivoal on *Tue, 29 May 2018 08:05:56 GMT*

---
To prevent hostile third party iframes (e.g. ads) from hijacking and trapping the focus, the spatpav events (and possibly APIs, althouh I'm less sure about that) should not be available by default in cross origin iframes.

The top-level document should have a way of turning them back on for iframes it trusts.



Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/3390 using your GitHub account

Received on Monday, 3 December 2018 07:57:58 UTC