Re: Helping Canvas Tag Be Accessible



Rich Schwerdtfeger
Distinguished Engineer, SWG Accessibility Architect/Strategist

public-html-request@w3.org wrote on 08/05/2009 12:39:10 PM:

> "Charles McCathieNevile" <chaals@opera.com>
> Sent by: public-html-request@w3.org
>
> 08/05/2009 12:39 PM
>
> To
>
> "Henri Sivonen" <hsivonen@iki.fi>, Richard Schwerdtfeger/Austin/IBM@IBMUS
>
> cc
>
> "HTMLWG WG" <public-html@w3.org>, "W3C WAI-XTECH" <wai-xtech@w3.org>
>
> Subject
>
> Re: Helping Canvas Tag Be Accessible
>
> On Wed, 05 Aug 2009 08:46:59 -0400, Henri Sivonen <hsivonen@iki.fi>
wrote:
>
> > On Jul 30, 2009, at 15:50, Richard Schwerdtfeger wrote:
> ...
> >> In order to make canvas accessible we will need:
> >>    • An object model to which authors can apply an accessibility API.
> >
> > This already exists on the spec level (well, maybe not so clearly for
> > focus traversal) in the heavy-weight (object is a DOM node) form:
> > Putting an ARIA-decorated DOM subtree inside <canvas>.
> >
> > I doubt the benefit of speccing another object model. A new object
model
> > could perform a bit better that a DOM subtree but any object model
would
> > still be an abstraction level mismatch with the Canvas 2D API.
>
> Agreed.
>
In thinking about serious canvas examples, can anyone provide some canvas
examples that we can look at in addition to Bespin?

> [..]
> >   * If the mapping from low-level platform APIs to a JS API is direct,

> > malicious or incompetently written scripts can tell AT crazy things.
Are
> > ATs robust against apps telling them crazy things? Does the browser
need
> > to be able to sanitize the interaction instead of directly mapping the

> > interfaces?
>
> This is a general problem. ATs and browsers have some rudimentary
> protection against crazy information (e.g. for the summary attribute),
but
> there isn't a known general solution to this issue. I don't think that
the
> risk of lazy, incompetent or malicious coding in canvas is likely to be
> far different from that in the rest of the web (i.e. I suspect it will
> probably be something like an order or two of magnitude more common than

> good practice). This is akin to "this doesn't open any *new* security
> holes" - it is a long way from perfect, but at least it enables us to do

> some useful things that we couldn't otherwise. In the absence of perfect,

> I will take "better than what we have"...
>
I agree.>

> cheers
>
> Chaals
>
> --
> Charles McCathieNevile  Opera Software, Standards Group
>      je parle français -- hablo español -- jeg lærer norsk
> http://my.opera.com/chaals       Try Opera: http://www.opera.com

>

Received on Wednesday, 5 August 2009 23:11:24 UTC