Re: Request Web Security review of Gamepad API

Took me a bit, but I opened github issues.

On 19 May 2018 at 12:15, Léonie Watson <tink@tink.uk> wrote:
>
> On 18/05/2018 19:41, Tom Ritter wrote:
>>
>> Hi all, I've been working to review the draft and have questions. I
>> think some of these might be able to be turned into issues on github
>> but I wanted to start a discussion first.
>
>
> Thanks Tom. We appreciate you taking time to review this.
>
>>
>> 1) I have read in the past that the id field sometimes contains things
>> like a serial number. Obviously this presents a very persistent
>> tracking identifier.
>>
>> Mozilla says: in Firefox it will contain three pieces of information
>> separated by dashes (-):
>> - Two 4-digit hexadecimal strings containing the USB vendor and product
>>   id of the controller
>> - The name of the controller as provided by the driver.
>> https://developer.mozilla.org/en-US/docs/Web/API/Gamepad/id
>>
>> How is this exposed in other browsers? It seems like it would be
>> advantageous to require this string to _not_ contain uniquely
>> identifying information and to non-normatively suggest an algorithm to
>> do so.
>
>
> It sounds as though this one has been answered with Florian's help. For the
> rest I'd suggest opening Github issues because that's where we get most work
> done these days.
>
> I'm happy to transfer them if it'd be helpful?
>
> Léonie.
>
>>
>> 2) I'm confused by getGamepads:
>>
>> a) why, in the example, is there a leading 'null'?  Is it indicating
>> there are two gamepads but not giving you information about the first
>> one? Why?
>> b) "Gamepads MUST only appear in the list if they are currently
>> connected to the user agent, and at least one device has been
>> interacted with by the user." - that's great. But what does
>> "interacted with by the user" mean? Ever since process start? For this
>> origin?
>>
>> 3) Gamepads are in the long tail of things that make the web a great
>> experience but are used very infrequently. Can this API be designed to
>> support a permission by making things like getGamepads async?  UAs
>> don't _need_ to implement a permission, but with synchronous APIs it
>> becomes _impossible_ to gate releasing user information via a
>> permission.
>>
>> 4) There doesn't seem to be any information about gamepadconnected and
>> disconnected as it relates to 'device has been interacted with by the
>> user'.  If I plug in a device, will my origins receive the connected
>> event? And then will every origin I subsequently visit be able to query
>> my game pad because I interacted with it?
>>
>>
>> -tom
>>
>> On 17 May 2018 at 03:28, Léonie Watson <tink@tink.uk> wrote:
>>>
>>> Hello Web Security,
>>>
>>> We would welcome your review of the Gamepad API specification [1], as part
>>> of our wide review before transitioning to Candidate recommendation (CR).
>>>
>>> If there are any issues arising from your review, please file them on the
>>> Gamepad Github repo [2], and apply the "wide review" and "security" labels
>>> to each issue. This will help us track your comments and respond
>>> accordingly.
>>>
>>> If there are no issues arising from your review, please let us know by
>>> reply to this thread.
>>>
>>> We would appreciate your comments no later than Friday 27th June 2018.
>>> Thank you.
>>>
>>> Léonie on behalf of the WebPlat Chairs and Gamepad Editors
>>> [1] https://www.w3.org/TR/2018/WD-gamepad-20180508/
>>> [2] https://github.com/w3c/gamepad/issues/new/
>>>
>>> --
>>> @LeonieWatson @tink@toot.cafe Carpe diem
>>>
>
> --
> @LeonieWatson @tink@toot.cafe Carpe diem

Received on Friday, 1 June 2018 13:52:34 UTC
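
An added example, not part of the original message or of the Gamepad specification: one hypothetical way a user agent could strip device-unique tokens from the Firefox-style `id` layout quoted in point 1 (vendor id, product id, driver name). The function names, the serial-number heuristic and the sample ids are assumptions constructed for illustration.

```javascript
// Added example: hypothetical id scrubbing, not the Gamepad spec's algorithm.
// Assumed layout (as quoted in the thread): "<vendor>-<product>-<driver name>",
// where vendor and product are 4-digit hexadecimal USB ids.
const FIREFOX_ID = /^([0-9a-f]{4})-([0-9a-f]{4})-(.*)$/i;

// Hypothetical heuristic: once punctuation is dropped, a token made of 8+ hex
// digits or 6+ decimal digits is treated as a serial number or hardware address.
function looksDeviceUnique(token) {
  const bare = token.replace(/[^0-9a-z]/gi, "");
  return /^[0-9a-f]{8,}$/i.test(bare) || /^\d{6,}$/.test(bare);
}

// Split an id into its three parts; null when the layout is not recognised.
function parseGamepadId(id) {
  const m = FIREFOX_ID.exec(id);
  if (!m) return null;
  return { vendor: m[1].toLowerCase(), product: m[2].toLowerCase(), name: m[3].trim() };
}

// Build the string exposed to content: vendor and product ids are shared by
// every unit of a model, so they stay; per-device tokens in the name are dropped.
function scrubGamepadId(id) {
  const parsed = parseGamepadId(id);
  if (!parsed) return "unknown"; // unrecognised layout: expose nothing
  const name = parsed.name
    .split(/\s+/)
    .filter((t) => t && !looksDeviceUnique(t))
    .join(" ");
  return `${parsed.vendor}-${parsed.product}-${name || "gamepad"}`;
}

// Constructed sample ids (not taken from real hardware).
const SAMPLES = [
  "1234-ABCD-Example Pad (00:1B:44:11:3A:B7)", // address appended by the driver
  "1234-abcd-Example Pad (00:1B:44:11:3A:C9)", // second unit of the same model
  "1234-abcd-0123456789ab",                    // name is nothing but a serial
  "Example Pad 0123456789",                    // layout not recognised
];

for (const id of SAMPLES) {
  console.log(`${id}  =>  ${scrubGamepadId(id)}`);
}
```

Two units of the same model scrub to the same string, so the exposed `id` identifies the model only and not the individual device.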