On 17 August 2015 at 07:34, Nicholas Nethercote wrote:
> On Mon, Aug 17, 2015 at 5:15 AM, Richard Barnes wrote:
>>
>> But a 2-3 second box for each
>> fullscreen transition seems like a small price.
>
> The box is very prominent and often blocks part of the video, which I
> personally find quite
On Mon, Aug 17, 2015 at 5:15 AM, Richard Barnes wrote:
>
> But a 2-3 second box for each
> fullscreen transition seems like a small price.
The box is very prominent and often blocks part of the video, which I
personally find quite annoying.
If the notification were less prominent -- e.g. a strip
On Sun, Aug 16, 2015 at 8:07 PM, Eric Shepherd
wrote:
> I have to agree with Gavin here: the risk of this sort of attack occurring
> is very low,
>
Do you have some evidence for this?
-Ekr
> but the potential for annoying or confusing users with this presentation
> is, if not high, at least h
I have to agree with Gavin here: the risk of this sort of attack occurring is
very low, but the potential for annoying or confusing users with this
presentation is, if not high, at least high enough to make it overkill. At
least having a way (even if it's an about:config only thing) to drop this
On Sun, Aug 16, 2015 at 5:52 PM, Eric Rescorla wrote:
>
>
> On Sun, Aug 16, 2015 at 5:49 PM, Gavin Sharp wrote:
>
>> > But a 2-3 second box for each fullscreen transition seems like a
>> > small price.
>>
>> Seems like a pretty large price to me, given a combination of factors:
>> - significant
On Sun, Aug 16, 2015 at 5:49 PM, Gavin Sharp wrote:
> > But a 2-3 second box for each fullscreen transition seems like a
> > small price.
>
> Seems like a pretty large price to me, given a combination of factors:
> - significant added friction to a common user action ("start watching
> this video
> But a 2-3 second box for each fullscreen transition seems like a
> small price.
Seems like a pretty large price to me, given a combination of factors:
- significant added friction to a common user action ("start watching
this video in fullscreen")
- low likelihood that the type of attack this mi
This prompt is an important part of the security story for fullscreen.
Since a fullscreen web app can hijack your entire browsing session, it's
important that the user know that he's entering fullscreen and not looking
at an actual browser window -- and to know that every time something goes
fullsc
8 matches
Mail list logo