LGTM3

On Wed, Nov 29, 2023 at 8:36 AM Philip Jägenstedt <foo...@chromium.org> wrote:

> LGTM2
>
> On Wed, Nov 29, 2023 at 4:12 PM Yoav Weiss <yoavwe...@chromium.org> wrote:
>
>> LGTM1
>>
>> On Wednesday, November 29, 2023 at 4:04:49 PM UTC+1 Tommy Steimel wrote:
>>
>>> Okay the security reviewer has now re-reviewed it given the updated information. Thanks!
>>>
>>> On Mon, Nov 27, 2023 at 11:55 PM Rick Byers <rby...@chromium.org> wrote:
>>>
>>>> On Wed, Nov 22, 2023 at 11:49 PM 'Tommy Steimel' via blink-dev <blink-dev@chromium.org> wrote:
>>>>
>>>>> On Tue, Nov 21, 2023 at 9:43 PM Yoav Weiss <yoavwe...@chromium.org> wrote:
>>>>>
>>>>>> On Friday, November 17, 2023 at 8:47:34 PM UTC+1 Tommy Steimel wrote:
>>>>>>
>>>>>> Contact emails: stei...@chromium.org, liber...@chromium.org
>>>>>>
>>>>>> Explainer: None
>>>>>>
>>>>>> Specification: https://github.com/WICG/document-picture-in-picture/pull/104
>>>>>>
>>>>>> Summary
>>>>>>
>>>>>> This adds a user gesture requirement for the resizeBy() and resizeTo() Window APIs for document picture-in-picture windows. This allows websites to make use of those APIs while mitigating much of the abuse potential of those APIs on an always-on-top window.
>>>>>>
>>>>>> Blink component: Blink>Media>PictureInPicture <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EMedia%3EPictureInPicture>
>>>>>>
>>>>>> TAG review: N/A as this is a minor change to the behavior of an existing API
>>>>>>
>>>>>> TAG review status: Not applicable
>>>>>>
>>>>>> Risks
>>>>>>
>>>>>> Interoperability and Compatibility
>>>>>>
>>>>>> None
>>>>>>
>>>>>> This added requirement would mean that calls to these APIs can now fail. Is that new? Or are developers already expected to handle failures? Do we expect developers to start checking the UserActivation API <https://developer.mozilla.org/en-US/docs/Web/API/UserActivation> before calling these methods?
>>>>>>
>>>>> Currently these APIs always fail on document picture-in-picture windows regardless of user activation (to prevent really spammy always-on-top windows). We don't expect developers to check the UserActivation API at all, just to only call resizeTo()/resizeBy() in response to a user gesture.
>>>>>
>>>> From the subject and summary I also originally assumed this intent was about adding a user gesture restriction, and it looks like your security approval was also based on that incorrect understanding. Can you please re-request a security review with the clarification of the scope of this feature? Please also update the summary of the feature in ChromeStatus, eg: "This enables the resizeBy() and resizeTo() Windows methods on document picture-in-picture windows, but with the added restriction of a user gesture requirement to mitigate the abuse potential".
>>>>
>>>> Otherwise it looks fine to me.
>>>>
>>>>>> *Gecko*: No signal (https://github.com/mozilla/standards-positions/issues/670#issuecomment-1786354361) Added comment to existing standards position issue for document picture-in-picture. No response yet
>>>>>>
>>>>>> *WebKit*: No signal (https://github.com/WebKit/standards-positions/issues/41#issuecomment-1786354016) Added comment to existing standards position issue for document picture-in-picture. No response yet
>>>>>>
>>>>>> *Web developers*: Positive. The ability to programmatically resize the document picture-in-picture window is one of the most-requested features for document picture-in-picture
>>>>>>
>>>>>> *Other signals*:
>>>>>>
>>>>>> Ergonomics
>>>>>>
>>>>>> N/A
>>>>>>
>>>>>> Activation
>>>>>>
>>>>>> N/A
>>>>>>
>>>>>> Security
>>>>>>
>>>>>> While being able to resize an always-on-top window at will is a security/annoyance risk, by making the API consume a user gesture, the website can only resize once per click, which limits the possible abuse vectors
>>>>>>
>>>>>> WebView application risks
>>>>>>
>>>>>> Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
>>>>>>
>>>>>> N/A
>>>>>>
>>>>>> Debuggability
>>>>>>
>>>>>> N/A
>>>>>>
>>>>>> Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)? No
>>>>>>
>>>>>> The document picture-in-picture API is not supported on Android
>>>>>>
>>>>>> Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>? Yes
>>>>>>
>>>>>> document-picture-in-picture/resize-requires-user-gesture.https.html
>>>>>>
>>>>>> Flag name on chrome://flags: None
>>>>>>
>>>>>> Finch feature name: None
>>>>>>
>>>>>> Non-finch justification
>>>>>>
>>>>>> Small, low-risk change to existing API
>>>>>>
>>>>>> Requires code in //chrome? False
>>>>>>
>>>>>> Tracking bug: https://crbug.com/1354325
>>>>>>
>>>>>> Sample links: https://steimelchrome.github.io/document-pip/click_to_resize.html
>>>>>>
>>>>>> Estimated milestones: Shipping on desktop 121
>>>>>>
>>>>>> Anticipated spec changes
>>>>>>
>>>>>> Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
>>>>>>
>>>>>> N/A
>>>>>>
>>>>>> Link to entry on the Chrome Platform Status: https://chromestatus.com/feature/5398995019235328
>>>>>>
>>>>>> This intent message was generated by Chrome Platform Status <https://chromestatus.com/>.
>>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google Groups "blink-dev" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org.
>>>>> To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAE-AwAqS29Q2%2BbV89rc8x%2B3BCVQVuLw5QEPnkbrJpy-2mq2bZA%40mail.gmail.com.
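Added example, not Chromium, spec or any participant's code: a small Node model of the check-and-consume user activation gate the intent describes, showing why a page gets at most one resize per click and why a call outside a gesture fails. It assumes a rejected call throws a NotAllowedError and that a successful call spends the activation; FakePipWindow, attempt and runScenario are hypothetical names.

```javascript
// Added model, not Chromium or spec code. It captures the "check and consume
// transient user activation" gate this intent places on resizeTo()/resizeBy()
// for document picture-in-picture windows. Assumption: a rejected call throws
// a NotAllowedError; FakePipWindow and runScenario are hypothetical names.

class NotAllowedError extends Error {
  constructor(message) { super(message); this.name = 'NotAllowedError'; }
}

class FakePipWindow {
  constructor(width, height) {
    this.innerWidth = width;
    this.innerHeight = height;
    this.hasTransientActivation = false; // granted only by a user gesture
  }
  // Runs a click handler with transient activation that expires on return.
  dispatchClick(handler) {
    this.hasTransientActivation = true;
    try { handler(this); } finally { this.hasTransientActivation = false; }
  }

  // Shared gate: no activation means the call fails; with activation the
  // call succeeds but spends it, so one gesture pays for at most one resize.
  consumeActivation(method) {
    if (!this.hasTransientActivation) {
      throw new NotAllowedError(`${method}() requires a user gesture`);
    }
    this.hasTransientActivation = false;
  }

  resizeTo(w, h) { this.consumeActivation('resizeTo'); this.innerWidth = w; this.innerHeight = h; }
  resizeBy(dw, dh) { this.consumeActivation('resizeBy'); this.innerWidth += dw; this.innerHeight += dh; }
}

// Returns true if the resize went through, false if the gate rejected it.
function attempt(fn) {
  try { fn(); return true; }
  catch (e) { if (e.name === 'NotAllowedError') return false; throw e; }
}
// Plays out the cases discussed in the thread and returns what happened.
function runScenario() {
  const pip = new FakePipWindow(320, 180);
  const outsideGesture = attempt(() => pip.resizeTo(1920, 1080)); // no click: rejected
  let firstInGesture, secondInGesture;
  pip.dispatchClick((win) => {
    firstInGesture = attempt(() => win.resizeBy(80, 40));      // paid for by the click
    secondInGesture = attempt(() => win.resizeTo(1920, 1080)); // activation already spent
  });
  return { outsideGesture, firstInGesture, secondInGesture, width: pip.innerWidth, height: pip.innerHeight };
}
```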