[Bug 19752] New: Add sandboxed pointer lock flag to HTML Sandboxing

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19752

          Priority: P3
            Bug ID: 19752
                CC: ian@hixie.ch, mike@w3.org, public-webapps@w3.org,
                    robin@w3.org, scheib@chromium.org
          Assignee: silviapfeiffer1@gmail.com
           Summary: Add sandboxed pointer lock flag to HTML Sandboxing
        QA Contact: public-html-bugzilla@w3.org
          Severity: normal
    Classification: Unclassified
                OS: other
          Reporter: silviapfeiffer1@gmail.com
          Hardware: Other
            Status: NEW
           Version: unspecified
         Component: default
        Depends on: 18647
           Product: HTML.next

+++ This bug was initially created as a clone of Bug #18647 +++

Created to merge
https://github.com/w3c/html/commit/0e5f355bd059d8857a44505757da025f21e2efb7,
which has been parked in feature/whatwg_iframe_pointer_lock branch.



Pointer Lock API [1] adds capability that should be restricted by a sandbox
flag unless an iframe is marked explicitly with sandbox="allow-pointer-lock"

Rough edit suggestion to HTML:
http://dev.w3.org/html5/spec/origin-0.html#sandboxing

Add a section for The sandboxed pointer lock flag
+ "The sandboxed pointer lock flag
+  This flag prevents content from using the Pointer Lock API"
   with link to http://www.w3.org/TR/pointerlock/

Add a new flag parsing item:
After the text: "When the user agent is to parse a sandboxing directive ..."
Add
+ "The sandboxed pointer lock flag, unless tokens contains the
allow-pointer-lock keyword"


[1] http://dvcs.w3.org/hg/pointerlock/raw-file/default/index.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.