On Wed, Apr 18, 2012 at 9:32 PM, Adrienne Porter Felt <a...@berkeley.edu> wrote: > Could it be limited to both foreground content that is the top level > window? That way ads in iframes won't be able to annoy the user as much > (and websites can ensure that ads won't be annoying by putting them in > frames).
I feel like vibration is very similar to audio. I'm fairly sure there are websites that have a policy that none of the ads that they are showing are allowed to play audio. Unfortunately this can't be enforced through technical means right now, with the result being that sometimes ad agencies break the policies. I see the desire to disable vibration for cross-origin iframes, but I think it would also disable useful usecases if we do it as a blanket policy. For example many games on facebook run inside an iframe. What would be really cool is if we had the ability for a site to create an iframe for an ad and say that the contents of the iframe wasn't allowed to play audio or enable the vibrator. Alternatively we could do it the other way around and say that cross-origin iframes by default disable vibration, but can then be explicitly re-enable the vibrator. We could implement a "allow by default but allow parent website to disable vibration" by extending the sandbox attribute. We could probably do audio that way too since sandboxes disable plugins. / Jonas _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security