- From: Marcos Cáceres <notifications@github.com>
- Date: Wed, 12 Oct 2022 20:16:41 -0700
- To: w3c/screen-orientation <screen-orientation@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/screen-orientation/pull/215/review/1139966714@github.com>
@marcoscaceres commented on this pull request.
> + A screen's [=current orientation type|type=] and [=current orientation
+ angle|angle=] is a potential fingerprinting vector. To resist
+ fingerprinting (e.g., in private browsing), user agents MAY:
+ </p>
+ <ol>
+ <li>Restrict the value return by the {{ScreenOrientation/type}}
+ attribute to {{OrientationType/"portrait-primary"}} or
+ {{OrientationType/"landscape-secondary"}} to match the screen's
+ aspect ratio.
+ </li>
+ <li>Always return `0` for the value of the {{ScreenOrientation/angle}}
+ attribute.
+ </li>
+ <li>If the screen orientation changes, not fire the <a data-link-for=
+ "ScreenOrientation">change</a> event to reveal a change to a
+ [=secondary=] orientation.
> Wouldn't this encourage battery-expensive polling instead?
Sorry, I might need to word this better. The answer is "no", because the UA wouldn't fire events when switching from "X-primary" to "X-secondary". Only if "X" changes, would the event fire, but it would always report as "X-primary".
The reason the orientation change event does fire, is that the screen width/height would change, which is already observable either polling `screen`'s attribute or simply by `matchMedia("(orientation: landscape)")`.
--
Reply to this email directly or view it on GitHub:
https://github.com/w3c/screen-orientation/pull/215#discussion_r994074280
You are receiving this because you are subscribed to this thread.
Message ID: <w3c/screen-orientation/pull/215/review/1139966714@github.com>
Received on Thursday, 13 October 2022 03:16:54 UTC