- From: Johann Hofmann <notifications@github.com>
- Date: Thu, 27 Mar 2025 06:37:05 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/975/2758068240@github.com>
johannhof left a comment (w3ctag/design-reviews#975)

> I don't think that your response really addresses the feedback. You might claim that presenting additional information could improve the information that a user has in making choices, which is objectively true. However, the primary concern is about the potential for deception. Arguably, the Google Pay example is both improving information presentation AND a deceptive practice at the same time, so this is not mutually exclusive.

Just to understand your point @martinthomson, are you arguing that these well-established (and very common) third-party payment widgets are deceptive / harmful for users on the web?

Not to be too argumentative here, but is there any evidence of that? Any research or even anecdotal evidence of the last 4 digits of a credit card coercing users into making a purchase vs. driving an intentional, more informed choice by users to complete the payment flow? I'll note that at this point, they have usually placed an item in their cart and are at the final step of checking out, and that AFAIK there is another confirmation step after clicking the button.

> > even in the event of a click, no sharing of cross-site data happens
>
> I do not agree with this claim.

Just to make sure I get this - From my perspective, you are technically correct claiming that a click on a page (say on a Fenced Frame) can lead to the sharing of information across top-level sites by virtue of the existence of top-level navigations. What I believe Shivani meant is that there is no additional information that a Fenced Frame could contribute here vs. any other element on the page, thus not changing the status quo. Am I correct here?

I agree that this feature could make it more likely for a user to produce a click on the page (which comes back to the discussion above), but would you say that "a click on the page" is a high value target for a potential attacker?

In my view no functionality on the Web Platform that is gated on user gestures should be so high stakes that an inadvertent user click would cause any material level of harm.

--
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/975#issuecomment-2758068240
Received on Thursday, 27 March 2025 13:37:09 UTC