- From: Justin Kruger via GitHub <noreply@w3.org>
- Date: Mon, 09 Mar 2026 19:37:38 +0000
- To: public-css-archive@w3.org
well for one it could always have a default blur, or textured / frosted blur I would imagine that any screenshot tool in the browser when it's composited, would not composite the OS layer in. you could flag the browser to default to black, white, or alpha. so the snapshot image would have alpha wherever the frosted transparency is. you absolutely wouldn't want full transparency as you could iframe a real site below and then do a text input over the iframed site, and phish the user. I think a mandatory default gaussian blur or frosted blur would be still cool. if the user takes a screenshot at the OS layer, well that's on them. the browser doesn't need to protect against that, but a browser setting or flag could disable the feature temporarily or as a setting in the browser. I could even see the user allowing the background to be the browser theme background. I do think if the web is going to make it to AR or VR, that this is a necessary feature, let alone the number of desktop apps that I have now that are based on html/js/css. These apps that are wrapped by electron and other frameworks should support translucent panels to maintain a modern look. On Mon, Mar 9, 2026 at 11:56 AM W1Real ***@***.***> wrote: > *W1Real* left a comment (w3c/csswg-drafts#7281) > <https://github.com/w3c/csswg-drafts/issues/7281#issuecomment-4026034377> > > I think security needs to be considered heavily with that, doing it in a > protected way so that webpages can't see the user's screen without their > permission. > > What would be the fallback in case of a tool like html2canvas to use to > capture the page? Does it appear black like DRM content? > > Also like it was already mentioned here, it might trick people easier into > thinking it's a OS inside. We already have phishing without transparency. > > If it's allowed, it should probably come with allowing the OS to handle > the transparency effect, many users want reduced transparency/effects, also > it would make it less likely for tap hijacking/phishing because we can > recognize the operating system's transparency effect. > > — > Reply to this email directly, view it on GitHub > <https://github.com/w3c/csswg-drafts/issues/7281#issuecomment-4026034377>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AAB5CFVFV24YYU4ULMDNJ534P4HW3AVCNFSM6AAAAACWMG42ISVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DAMRWGAZTIMZXG4> > . > You are receiving this because you commented.Message ID: > ***@***.***> > -- -- -- Justin Kruger Software Consultant / Engineer - San Francisco, CA -- http://jDavid.net http://www.linkedin.com/in/jdavid https://github.com/jDavidnet -- ***@***.*** -- GitHub Notification of comment by jDavidnet Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/7281#issuecomment-4026268228 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 9 March 2026 19:37:39 UTC