On Wed, Nov 22, 2023 at 11:49 PM 'Tommy Steimel' via blink-dev < blink-dev@chromium.org> wrote:
> On Tue, Nov 21, 2023 at 9:43 PM Yoav Weiss <yoavwe...@chromium.org> wrote:
>
>> On Friday, November 17, 2023 at 8:47:34 PM UTC+1 Tommy Steimel wrote:
>>
>>> Contact emails: stei...@chromium.org, liber...@chromium.org
>>>
>>> Explainer: None
>>>
>>> Specification: https://github.com/WICG/document-picture-in-picture/pull/104
>>>
>>> Summary
>>>
>>> This adds a user gesture requirement for the resizeBy() and resizeTo()
>>> Window APIs for document picture-in-picture windows. This allows websites
>>> to make use of those APIs while mitigating much of the abuse potential of
>>> those APIs on an always-on-top window.
>>>
>>> Blink component: Blink>Media>PictureInPicture
>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EMedia%3EPictureInPicture>
>>>
>>> TAG review: N/A as this is a minor change to the behavior of an existing API
>>>
>>> TAG review status: Not applicable
>>>
>>> Risks
>>>
>>> Interoperability and Compatibility
>>>
>>> None
>>
>> This added requirement would mean that calls to these APIs can now fail.
>> Is that new? Or are developers already expected to handle failures?
>> Do we expect developers to start checking the UserActivation API
>> <https://developer.mozilla.org/en-US/docs/Web/API/UserActivation> before
>> calling these methods?
>
> Currently these APIs always fail on document picture-in-picture windows
> regardless of user activation (to prevent really spammy always-on-top
> windows). We don't expect developers to check the UserActivation API at
> all, just to only call resizeTo()/resizeBy() in response to a user gesture.

From the subject and summary I also originally assumed this intent was about
adding a user gesture restriction, and it looks like your security approval was
also based on that incorrect understanding. Can you please re-request a security
review with the clarification of the scope of this feature?

Please also update the summary of the feature in ChromeStatus, e.g.: "This
enables the resizeBy() and resizeTo() Window methods on document
picture-in-picture windows, but with the added restriction of a user gesture
requirement to mitigate the abuse potential". Otherwise it looks fine to me.

>>> *Gecko*: No signal
>>> (https://github.com/mozilla/standards-positions/issues/670#issuecomment-1786354361)
>>> Added comment to existing standards position issue for document
>>> picture-in-picture. No response yet
>>>
>>> *WebKit*: No signal
>>> (https://github.com/WebKit/standards-positions/issues/41#issuecomment-1786354016)
>>> Added comment to existing standards position issue for document
>>> picture-in-picture. No response yet
>>>
>>> *Web developers*: Positive. The ability to programmatically resize the
>>> document picture-in-picture window is one of the most-requested features
>>> for document picture-in-picture
>>>
>>> *Other signals*:
>>>
>>> Ergonomics
>>>
>>> N/A
>>>
>>> Activation
>>>
>>> N/A
>>>
>>> Security
>>>
>>> While being able to resize an always-on-top window at will is a
>>> security/annoyance risk, by making the API consume a user gesture, the
>>> website can only resize once per click, which limits the possible abuse
>>> vectors
>>>
>>> WebView application risks
>>>
>>> Does this intent deprecate or change behavior of existing APIs, such that
>>> it has potentially high risk for Android WebView-based applications?
>>>
>>> N/A
>>>
>>> Debuggability
>>>
>>> N/A
>>>
>>> Will this feature be supported on all six Blink platforms (Windows, Mac,
>>> Linux, Chrome OS, Android, and Android WebView)? No
>>>
>>> The document picture-in-picture API is not supported on Android
>>>
>>> Is this feature fully tested by web-platform-tests
>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
>>> Yes
>>>
>>> document-picture-in-picture/resize-requires-user-gesture.https.html
>>>
>>> Flag name on chrome://flags: None
>>>
>>> Finch feature name: None
>>>
>>> Non-finch justification
>>>
>>> Small, low-risk change to existing API
>>>
>>> Requires code in //chrome? False
>>>
>>> Tracking bug: https://crbug.com/1354325
>>>
>>> Sample links
>>> https://steimelchrome.github.io/document-pip/click_to_resize.html
>>>
>>> Estimated milestones: Shipping on desktop 121
>>>
>>> Anticipated spec changes
>>>
>>> Open questions about a feature may be a source of future web compat or
>>> interop issues. Please list open issues (e.g. links to known github issues
>>> in the project for the feature specification) whose resolution may
>>> introduce web compat/interop risk (e.g., changing to naming or structure of
>>> the API in a non-backward-compatible way).
>>>
>>> N/A
>>>
>>> Link to entry on the Chrome Platform Status:
>>> https://chromestatus.com/feature/5398995019235328
>>>
>>> This intent message was generated by Chrome Platform Status
>>> <https://chromestatus.com/>.
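To make the "consume a user gesture, so only one resize per click" rule from the thread concrete, here is a small model of the gating logic. It is an added, constructed example (not Chromium's implementation, the spec text, or the WPT test); the class name, the "always-fail"/"consume-gesture" policy labels, and the boolean return values are assumptions made for testability, and the real browser API simply ignores a disallowed resize rather than returning false.

```javascript
// Constructed model of how resizeTo()/resizeBy() on a document picture-in-picture
// window are gated by user activation. "always-fail" models the behaviour before
// the change described in the thread (always refused); "consume-gesture" models
// the new behaviour (allowed once per user gesture, gesture consumed on use).
class DocumentPipWindowModel {
  constructor(policy, width = 300, height = 200) {
    this.policy = policy;                 // "always-fail" | "consume-gesture"
    this.width = width;
    this.height = height;
    this.hasTransientActivation = false;  // set by a user gesture, cleared when consumed
  }

  // Simulates the browser granting transient activation for one click and running
  // the page's click handler while it is active. Simplification: real transient
  // activation expires after a timeout rather than at handler return.
  simulateClick(handler) {
    this.hasTransientActivation = true;
    try { handler(this); } finally { this.hasTransientActivation = false; }
  }

  // Returns true if the resize was applied, false if it was refused.
  tryResize(newWidth, newHeight) {
    if (this.policy === "always-fail") return false;
    if (!this.hasTransientActivation) return false;
    this.hasTransientActivation = false;  // gesture consumed: one resize per click
    this.width = newWidth;
    this.height = newHeight;
    return true;
  }

  resizeTo(w, h) { return this.tryResize(w, h); }
  resizeBy(dw, dh) { return this.tryResize(this.width + dw, this.height + dh); }
}

// Walks through the scenarios discussed in the thread and returns each outcome.
function runScenarios() {
  const before = new DocumentPipWindowModel("always-fail");
  const after = new DocumentPipWindowModel("consume-gesture");
  const results = {};
  before.simulateClick(w => { results.beforeWithClick = w.resizeTo(400, 300); });
  results.afterWithoutClick = after.resizeTo(400, 300);   // no gesture: refused
  after.simulateClick(w => {
    results.afterFirstInClick = w.resizeTo(400, 300);      // allowed, consumes gesture
    results.afterSecondInClick = w.resizeBy(50, 50);       // refused: already consumed
  });
  after.simulateClick(w => { results.afterNextClick = w.resizeBy(50, 50); });
  results.finalSize = [after.width, after.height];
  return results;
}
```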