- From: Robin Berjon <robin@berjon.com>
- Date: Tue, 6 Sep 2011 13:52:21 +0200
- To: www-dom@w3.org
- Cc: public-device-apis@w3.org
Dear www-dom,

in working on the Contacts API[0], DAP has described a security model in which opening up a contacts picker (which is similar in idea to a file picker, but — you guessed it — for contacts rather than files) can be triggered only by code that traces back to a genuine user action. The idea is that this would be similar to the way in which window.open() or <input type=file>.click() are handled so as to prevent abuse but not require an ugly control.

The set of events that could pull that trigger was called "valid auto-invocation events"[1], and defined to include click, dblclick, and mouseup. There are several problems with that:

• the terminology is a bit cryptic and does not correspond to the same thing used elsewhere (for which I couldn't find a name);
• the exact way in which the call stack is traced back to such an event and potential limitations thereof are not really described (maybe we can get away without it, but I'd rather be sure);
• the set of events isn't exactly accessibility-friendly, as correctly noted by PFWG.

It would seem that this could usefully be shared across several specifications that might wish to rely on the same kind of limitation and that guaranteeing some interoperability would be helpful here. It would also seem that www-dom would be a very good place to have this discussion. (DAP could probably handle publishing something in this area if a group is needed, it doesn't fall outside the charter.)

Thoughts?

[0] http://dev.w3.org/2009/dap/contacts/
[1] http://dev.w3.org/2009/dap/contacts/#dfn-valid-auto-invocation-event

Trackbot: this targets DAP-ISSUE-113 and DAP-ACTION-448.

--
Robin Berjon - http://berjon.com/ - @robinberjon
Received on Tuesday, 6 September 2011 11:52:55 UTC
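The gate the message describes, as an added example that is not part of the original mail or of the DAP Contacts draft: a plain-JavaScript model (no DOM) in which a hypothetical dispatcher tracks the event being dispatched, and a hypothetical openContactsPicker() is refused unless the call traces back to a trusted event from the allowed set. It also shows why the mouse-only set fails keyboard users, the PFWG point.

```javascript
'use strict';
// Constructed model of the "valid auto-invocation event" gate; the dispatcher,
// target and openContactsPicker() are hypothetical stand-ins, not DOM APIs.

const MOUSE_ONLY = new Set(['click', 'dblclick', 'mouseup']);       // the draft's event set
const WITH_KEYBOARD = new Set([...MOUSE_ONLY, 'keydown', 'keyup']); // accessibility-friendlier variant

// Events currently being dispatched, innermost last. A privileged call is
// judged by the event at the top of this stack, i.e. what it "traces back to".
const dispatchStack = [];

function makeTarget() {
  const listeners = {};
  return {
    addEventListener(type, fn) { (listeners[type] = listeners[type] || []).push(fn); },
    dispatch(event) {
      dispatchStack.push(event);
      try { for (const fn of listeners[event.type] || []) fn(event); }
      finally { dispatchStack.pop(); }   // once handlers return, the trigger is gone
    },
  };
}

// The gate: allowed only while a trusted (user-generated) event of an allowed
// type is being dispatched. Synthetic events and deferred calls fail this check.
function canAutoInvoke(allowedTypes) {
  const ev = dispatchStack[dispatchStack.length - 1];
  return ev !== undefined && ev.isTrusted === true && allowedTypes.has(ev.type);
}

function openContactsPicker(allowedTypes) {
  return canAutoInvoke(allowedTypes); // true = picker shown, false = call refused
}

// Exercises the cases the message raises: direct script call, genuine click,
// call deferred past the handler, script-synthesised click, keyboard activation.
function runScenarios(allowedTypes) {
  const results = {};
  const button = makeTarget();
  let deferred = null;
  const handler = (ev) => {
    results[ev.label] = openContactsPicker(allowedTypes);
    deferred = () => openContactsPicker(allowedTypes); // runs after dispatch ends
  };
  button.addEventListener('click', handler);
  button.addEventListener('keydown', handler);
  results.directCall = openContactsPicker(allowedTypes);
  button.dispatch({ type: 'click', isTrusted: true, label: 'trustedClick' });
  results.afterHandlerReturned = deferred();
  button.dispatch({ type: 'click', isTrusted: false, label: 'syntheticClick' });
  button.dispatch({ type: 'keydown', isTrusted: true, label: 'keyboardEnter' });
  return results;
}
```

With MOUSE_ONLY only the genuine click opens the picker and the keyboard activation is refused; with WITH_KEYBOARD the keyboard case is admitted while the direct, deferred and synthetic calls stay refused.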