- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Mon, 20 Jun 2011 10:48:15 -0700
- To: Adam Barth <w3c@adambarth.com>
- Cc: Vincent Scheib <scheib@google.com>, Brandon Andrews <warcraftthreeft@sbcglobal.net>, "Gregg Tavares (wrk)" <gman@google.com>, Glenn Maynard <glenn@zewt.org>, Charles Pritchard <chuck@jumis.com>, Kenneth Russell <kbr@google.com>, robert@ocallahan.org, public-webapps@w3.org

On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth <w3c@adambarth.com> wrote:
> So it sounds like we don't have a security model but we're hoping UA
> implementors can dream one up by combining enough heuristics.

A model which I suggested privately, and which I believe others have suggested publicly, is this:

1. While fullscreen is enabled, you can lock the mouse to the fullscreened element without a prompt or persistent message. A temporary message may still be shown. The lock is automatically released if the user exits fullscreen.

2. During a user-initiated click, you can lock the mouse to the target or an ancestor without a permissions prompt, but with a persistent message, either as an overlay or in the browser's chrome.

3. Otherwise, any attempt to lock the mouse triggers a permissions prompt, and while the lock is active a persistent message is shown.

These wouldn't be normative, of course, because different platforms may have different permissions models, but they seem like a good outline for balancing user safety with author convenience/lack of user annoyance.

~TJ

Received on Monday, 20 June 2011 17:49:02 UTC