W3C home > Mailing lists > Public > public-css-archive@w3.org > December 2018

[csswg-drafts] [css-nav-1] hostile iframes (#3390)

From: Florian Rivoal via GitHub <sysbot+gh@w3.org>
Date: Mon, 03 Dec 2018 07:57:57 +0000
To: public-css-archive@w3.org
Message-ID: <issues.opened-386698819-1543823876-sysbot+gh@w3.org>
frivoal has just created a new issue for https://github.com/w3c/csswg-drafts:

== [css-nav-1] hostile iframes ==

Migrated from https://github.com/WICG/spatial-navigation/issues/58
Originally created by @frivoal on *Tue, 29 May 2018 08:05:56 GMT*

To prevent hostile third party iframes (e.g. ads) from hijacking and trapping the focus, the spatpav events (and possibly APIs, althouh I'm less sure about that) should not be available by default in cross origin iframes.

The top-level document should have a way of turning them back on for iframes it trusts.

Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/3390 using your GitHub account
Received on Monday, 3 December 2018 07:57:58 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 06:41:40 UTC