LGTM2

On Wed, Nov 29, 2023 at 4:12 PM Yoav Weiss <yoavwe...@chromium.org> wrote:

> LGTM1
>
> On Wednesday, November 29, 2023 at 4:04:49 PM UTC+1 Tommy Steimel wrote:
>
>> Okay, the security reviewer has now re-reviewed it given the updated
>> information. Thanks!
>>
>> On Mon, Nov 27, 2023 at 11:55 PM Rick Byers <rby...@chromium.org> wrote:
>>
>>> On Wed, Nov 22, 2023 at 11:49 PM 'Tommy Steimel' via blink-dev
>>> <blink-dev@chromium.org> wrote:
>>>
>>>> On Tue, Nov 21, 2023 at 9:43 PM Yoav Weiss <yoavwe...@chromium.org> wrote:
>>>>
>>>>> On Friday, November 17, 2023 at 8:47:34 PM UTC+1 Tommy Steimel wrote:
>>>>>
>>>>> Contact emails: stei...@chromium.org, liber...@chromium.org
>>>>>
>>>>> Explainer: None
>>>>>
>>>>> Specification: https://github.com/WICG/document-picture-in-picture/pull/104
>>>>>
>>>>> Summary
>>>>>
>>>>> This adds a user gesture requirement for the resizeBy() and resizeTo()
>>>>> Window APIs for document picture-in-picture windows. This allows websites
>>>>> to make use of those APIs while mitigating much of the abuse potential of
>>>>> those APIs on an always-on-top window.
>>>>>
>>>>> Blink component: Blink>Media>PictureInPicture
>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EMedia%3EPictureInPicture>
>>>>>
>>>>> TAG review: N/A as this is a minor change to the behavior of an
>>>>> existing API
>>>>>
>>>>> TAG review status: Not applicable
>>>>>
>>>>> Risks
>>>>>
>>>>> Interoperability and Compatibility
>>>>>
>>>>> None
>>>>>
>>>>>
>>>>> This added requirement would mean that calls to these APIs can now
>>>>> fail. Is that new? Or are developers already expected to handle failures?
>>>>> Do we expect developers to start checking the UserActivation API
>>>>> <https://developer.mozilla.org/en-US/docs/Web/API/UserActivation> before
>>>>> calling these methods?
>>>>>
>>>>
>>>> Currently these APIs always fail on document picture-in-picture windows
>>>> regardless of user activation (to prevent really spammy always-on-top
>>>> windows). We don't expect developers to check the UserActivation API at
>>>> all, just to only call resizeTo()/resizeBy() in response to a user gesture.
>>>>
>>>
>>> From the subject and summary I also originally assumed this intent was
>>> about adding a user gesture restriction, and it looks like your security
>>> approval was also based on that incorrect understanding. Can you please
>>> re-request a security review with the clarification of the scope of this
>>> feature? Please also update the summary of the feature in ChromeStatus, e.g.:
>>> "This enables the resizeBy() and resizeTo() Window methods on document
>>> picture-in-picture windows, but with the added restriction of a user
>>> gesture requirement to mitigate the abuse potential".
>>>
>>> Otherwise it looks fine to me.
>>>
>>>
>>>>> *Gecko*: No signal
>>>>> (https://github.com/mozilla/standards-positions/issues/670#issuecomment-1786354361)
>>>>> Added comment to existing standards position issue for document
>>>>> picture-in-picture. No response yet
>>>>>
>>>>> *WebKit*: No signal
>>>>> (https://github.com/WebKit/standards-positions/issues/41#issuecomment-1786354016)
>>>>> Added comment to existing standards position issue for document
>>>>> picture-in-picture. No response yet
>>>>>
>>>>> *Web developers*: Positive. The ability to programmatically resize the
>>>>> document picture-in-picture window is one of the most-requested features
>>>>> for document picture-in-picture
>>>>>
>>>>> *Other signals*:
>>>>>
>>>>> Ergonomics
>>>>>
>>>>> N/A
>>>>>
>>>>> Activation
>>>>>
>>>>> N/A
>>>>>
>>>>> Security
>>>>>
>>>>> While being able to resize an always-on-top window at will is a
>>>>> security/annoyance risk, by making the API consume a user gesture, the
>>>>> website can only resize once per click, which limits the possible abuse
>>>>> vectors
>>>>>
>>>>> WebView application risks
>>>>>
>>>>> Does this intent deprecate or change behavior of existing APIs, such
>>>>> that it has potentially high risk for Android WebView-based applications?
>>>>>
>>>>> N/A
>>>>>
>>>>> Debuggability
>>>>>
>>>>> N/A
>>>>>
>>>>> Will this feature be supported on all six Blink platforms (Windows,
>>>>> Mac, Linux, Chrome OS, Android, and Android WebView)? No
>>>>>
>>>>> The document picture-in-picture API is not supported on Android
>>>>>
>>>>> Is this feature fully tested by web-platform-tests
>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
>>>>> Yes
>>>>>
>>>>> document-picture-in-picture/resize-requires-user-gesture.https.html
>>>>>
>>>>> Flag name on chrome://flags: None
>>>>>
>>>>> Finch feature name: None
>>>>>
>>>>> Non-finch justification
>>>>>
>>>>> Small, low-risk change to existing API
>>>>>
>>>>> Requires code in //chrome? False
>>>>>
>>>>> Tracking bug: https://crbug.com/1354325
>>>>>
>>>>> Sample links
>>>>> https://steimelchrome.github.io/document-pip/click_to_resize.html
>>>>>
>>>>> Estimated milestones: Shipping on desktop 121
>>>>>
>>>>> Anticipated spec changes
>>>>>
>>>>> Open questions about a feature may be a source of future web compat or
>>>>> interop issues. Please list open issues (e.g. links to known github issues
>>>>> in the project for the feature specification) whose resolution may
>>>>> introduce web compat/interop risk (e.g., changes to naming or structure of
>>>>> the API in a non-backward-compatible way).
>>>>>
>>>>> N/A
>>>>>
>>>>> Link to entry on the Chrome Platform Status:
>>>>> https://chromestatus.com/feature/5398995019235328
>>>>>
>>>>> This intent message was generated by Chrome Platform Status
>>>>> <https://chromestatus.com/>.
>>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "blink-dev" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to blink-dev+unsubscr...@chromium.org.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAE-AwAqS29Q2%2BbV89rc8x%2B3BCVQVuLw5QEPnkbrJpy-2mq2bZA%40mail.gmail.com
>>>>
> --
> To view this discussion on the web visit
> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/740e5180-d4d9-4156-9489-21185b9bc1e6n%40chromium.org

--
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAARdPYdioCrFHatD-3FV0yuzGmUxDmAoQuupJxF79kDG3nxdUA%40mail.gmail.com.
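The "resize once per click" rule from the Security section of the intent, as an added example that is not code from the thread, the WICG spec PR, Chromium, or the linked sample page. It has two parts: a small model of the activation rule so the once-per-click behaviour can be exercised outside a browser, and the page-side wiring for a real document picture-in-picture window. Everything about the model is an assumption made for this example (that a resize without transient activation throws a NotAllowedError, that a successful resize consumes the activation, that the gesture must occur in the PiP window itself because that is the window whose resizeTo() runs); the button, its label and the sizes are made up.

```javascript
// Added example, not code from the blink-dev thread, the WICG spec, Chromium,
// or the sample page. Models "resizeTo()/resizeBy() require and consume a user
// gesture" on a document picture-in-picture window, then shows page wiring.

// --- Model of the rule (assumptions for this example, not the browser's
// implementation): a click grants transient activation; a resize without it
// throws NotAllowedError; a successful resize consumes it, so each click
// buys exactly one resize. ---
class PipWindowModel {
  constructor(width = 320, height = 180) {
    this.width = width;
    this.height = height;
    this.hasTransientActivation = false;
  }
  click() {                      // simulates a user gesture on the PiP window
    this.hasTransientActivation = true;
  }
  resizeTo(width, height) {
    if (!this.hasTransientActivation) {
      const err = new Error('resizeTo() requires a user gesture');
      err.name = 'NotAllowedError';          // assumed error name
      throw err;
    }
    this.hasTransientActivation = false;     // consumed: one resize per click
    this.width = width;
    this.height = height;
    return { width, height };
  }
  resizeBy(dw, dh) {
    return this.resizeTo(this.width + dw, this.height + dh);
  }
}

// Try a list of sizes against a window and record which resizes the gate let
// through. Works against the model above or a real doc-PiP Window object.
function attemptResizes(win, sizes) {
  return sizes.map(([w, h]) => {
    try {
      win.resizeTo(w, h);
      return 'ok';
    } catch (e) {
      return e.name === 'NotAllowedError' ? 'rejected' : 'error:' + e.name;
    }
  });
}

// The abusive pattern the gesture requirement is meant to blunt: many resizes
// from a single click. Only the first one lands.
function spamResize(win, count) {
  win.click();
  const sizes = Array.from({ length: count }, (_, i) => [400 + i * 10, 300]);
  return attemptResizes(win, sizes);
}

// --- Browser wiring. Nothing here runs at load time, so the file also loads
// under Node; the element, label and sizes are invented for the example. ---
async function openResizablePip() {
  if (typeof window === 'undefined' || !('documentPictureInPicture' in window)) {
    return null;                             // API absent (e.g. Android, Node)
  }
  const pip = await window.documentPictureInPicture.requestWindow({ width: 320, height: 180 });
  // Put the control in the PiP document: the activation that is checked and
  // consumed belongs to the window whose resizeBy() is called (assumption).
  const grow = pip.document.createElement('button');
  grow.textContent = 'Grow';
  grow.addEventListener('click', () => {
    // Call the resize directly in the handler. Do not first call another
    // activation-consuming API (e.g. window.open), and do not defer the call
    // behind slow work: the gesture is consumed once and expires after a few
    // seconds, so a late call is rejected.
    try {
      pip.resizeBy(100, 50);
    } catch (e) {
      console.warn('resize rejected:', e.name);
    }
  });
  pip.document.body.append(grow);
  return pip;
}
```

Running `spamResize(new PipWindowModel(), 5)` under the model returns one `'ok'` followed by four `'rejected'` entries, which is the property the security reviewer signed off on: a page that wants a second resize needs a second click. The same `attemptResizes` helper can be pointed at the real window returned by `openResizablePip()` inside a click handler to confirm the shipped behaviour.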