[w3c/gamepad] Re-enable Gamepad Access from HTTP (aka insecure) Context (Issue #203)

As is pointed out in #113 and #120, an insecure context has privacy risks imposed by code injection. The Gamepad API is now planned to be completely disabled in contexts other than a secure connection (or by [local-network-access](https://github.com/w3c/gamepad/issues/local-network-access), which looks irrelevant to me since it focuses on HTTP request handling instead of device permission).

The security concerns brought up by @marcoscaceres are totally understandable and should indeed be treated seriously. However, **it should not come at the cost of killing many existing or potential DIY projects or local applications that cannot run over SSL**. Therefore, I opened this issue hoping to discuss **better solutions** which will allow access to the gamepad while keeping out malicious code injection attacks over an HTTP connection.

I've provided my use case [here](https://github.com/w3c/gamepad/pull/120#issuecomment-2101320169). Other people also have concerns about this, as shown in the original issue and PR.

My proposal is to let the browser engine prompt the user for their permission for _full access_ to the gamepad. _Full access_ means the full feature set of the gamepad being exposed by the Gamepad API, even when the window is not focused. Before _full access_ is granted, code from an insecure context may still access an abstracted controller that does not contain any device-specific information or physical actuators, and will only be updated when the window is focused. This is inspired by @BlobTheKat in https://github.com/w3c/gamepad/issues/120#issuecomment-2101353498: the gamepad is just another Human Input Device (HID) like the keyboard, therefore it makes no sense to completely block access to it even with the potential presence of malicious code.

Please feel free to leave comments if your use case is also affected by this restriction. All ideas and opinions are welcome.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/gamepad/issues/203

Message ID: <w3c/gamepad/issues/203@github.com>

Received on Wednesday, 8 May 2024 20:51:11 UTC
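
The two access tiers proposed in the issue above, as an added sketch that is not part of the original message and not a browser API. The names `abstractSnapshot` and `createGamepadView`, the `fullAccess`/`focused` flags, the padding to the standard mapping's 17 buttons and 4 axes, and the sample pad are all assumptions made for illustration.

```javascript
// Hypothetical model of the proposal: what page code would see before and
// after the user grants "full access". `pad` is any Gamepad-like object.
const STANDARD_BUTTONS = 17; // button count of the "standard" mapping
const STANDARD_AXES = 4;     // axis count of the "standard" mapping

function abstractSnapshot(pad) {
  // Copy input state only, padded or truncated to the standard layout so the
  // button and axis counts do not hint at the device model (an assumption of
  // this sketch; the issue only asks for "no device-specific information").
  const buttons = Array.from({ length: STANDARD_BUTTONS }, (_, i) => {
    const b = pad.buttons[i];
    return { pressed: Boolean(b && b.pressed), value: b ? b.value : 0 };
  });
  const axes = Array.from({ length: STANDARD_AXES }, (_, i) => pad.axes[i] ?? 0);
  // `id` and `vibrationActuator` are deliberately not copied.
  return Object.freeze({ index: pad.index, mapping: "standard", buttons, axes });
}

function createGamepadView() {
  let last = null; // most recent snapshot taken while the window had focus
  return function view(pad, { fullAccess, focused }) {
    if (fullAccess) return pad;                 // user accepted the prompt
    if (focused) last = abstractSnapshot(pad);  // refresh only while focused
    return last;                                // stale or null when unfocused
  };
}

// Constructed sample input, not a real device descriptor.
const samplePad = {
  id: "Constructed Pad (Vendor: 0000 Product: 0000)",
  index: 0,
  mapping: "",
  buttons: [{ pressed: true, value: 1 }, { pressed: false, value: 0 }],
  axes: [0.5, -0.25],
  vibrationActuator: { type: "dual-rumble" },
};
```
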