W3C home > Mailing lists > Public > public-secondscreen@w3.org > April 2015

Re: [presentation-api] Presentations from within nested browsing contexts

From: Anssi Kostiainen via GitHub <sysbot+gh@w3.org>
Date: Mon, 20 Apr 2015 09:17:06 +0000
To: public-secondscreen@w3.org
Message-ID: <issue_comment.created-94402811-1429521424-sysbot+gh@w3.org>
The proposal by @mfoltzgoogle is aligned with the model employed by 
the Fullscreen API [1]. It is a good idea to reuse a model that is in 
use unless there are issues with it. Personally, I'm not aware of any,
 but I haven't deep dived into the Fullscreen API.

To summarize the proposal (assuming I got it right ;-)):

* Define a new `allow-default-presentation` content attribute for the 
HTML `iframe` element. In practice, something like this:
```
<iframe src="https://example.org/video/1234" 
allow-default-presentation></iframe>
```
* This content attribute must be set in order for the browser to be 
able to initiate a presentation from https://example.org/video/1234
* This prevents e.g. content from third parties to go fullscreen 
without explicit permission. A concern shared with the Fullscreen API 
[2].

Questions:

* Should we require the same for any `startSession()` invocation from 
within `iframe`? How about `joinSession()`?

Currently the spec notes in the 7.1 Starting a presentation session 
[3]:

> Queue a task T to request user permission for the use of a 
presentation display and selection of one presentation display.

I think that for nested content we should in addition require that the
 top-level browsing context has explicitly opted in to allow `iframe`s
 to initiate presentation sessions. 

WDYT?

(From the spec organization perspective, this requires us to patch the
 HTML spec slightly, but we can cross that bridge when we get there.)

[1] https://fullscreen.spec.whatwg.org/#model
[2] 
https://fullscreen.spec.whatwg.org/#security-and-privacy-considerations
[3] 
http://w3c.github.io/presentation-api/#starting-a-presentation-session

-- 
GitHub Notif of comment by anssiko
See 
https://github.com/w3c/presentation-api/issues/79#issuecomment-94402811
Received on Monday, 20 April 2015 09:17:14 UTC

This archive was generated by hypermail 2.3.1 : Monday, 20 April 2015 09:17:15 UTC