2009/12/16 Jonas Sicking <jo...@sicking.cc>

> 2009/12/16 Ian Fette (イアンフェッティ) <ife...@google.com>:
> > 2009/12/16 Jonas Sicking <jo...@sicking.cc>
> >>
> >> 2009/12/16 Ian Fette (イアンフェッティ) <ife...@google.com>:
> >> > I think what I've heard from application developers over and over again
> >> > is that, while the UA may provide some way to go into full screen from
> >> > in the browser chrome, it is much more discoverable when that capability
> >> > exists from within the content area (e.g. people are used to clicking on
> >> > the full screen button in YouTube, and when you take that away users can
> >> > no longer figure out how to go full screen).
> >> > Obviously there are security considerations re: UI spoofing, but I'm
> >> > beginning to wonder how much we should beat ourselves over this. If
> >> > there are simple things that we can do to improve upon the model Flash
> >> > uses (e.g. don't have a translucent overlay but instead use an opaque
> >> > overlay, or use an overlay that doesn't go away until the user dismisses
> >> > it, etc) without totally killing current use cases and discoverability,
> >> > then let's consider that. Overall though, it feels like we are burying
> >> > our head in the sand a bit by saying "Well, as long as HTML doesn't
> >> > provide a way to go full screen, the users are safe and it's not *our*
> >> > fault if anything bad happens," when the reality is that Flash is
> >> > installed on 98-99% of all machines out there and anyone who is really
> >> > trying to phish people using this method could easily use flash instead
> >> > of whatever we provide. (And yes I'm aware people can turn off flash, but
> >> > those users sophisticated enough to use noflash can probably figure out
> >> > if they are in full-screen mode or not.)
> >> > -Ian
> >>
> >> In addition to UI spoofing there is also the "annoying websites"
> >> factor. There is today API for pages to resize the browser window,
> >> which I know that some pages abuse to resize the browser window to be
> >> as big as possible. This API is one of very few that Firefox has
> >> specific API to turn off, because it's one of the APIs that annoy users
> >> the most.
> >>
> >
> > You could tie it to user gestures, e.g. only allow a page to call
> > fullscreen() in response to a user gesture, much as many browsers will
> > block popups that do not result from a user gesture. Not perfect, but a
> > large improvement.
> >
> >>
> >> As for flash going full screen. I heard something regarding that while
> >> in full screen mode flash disables certain capabilities, in order to
> >> reduce the risk of spoofing. Such as the ability to receive keyboard
> >> events. Haven't investigated this at all though.
> >>
> >
> > correct
> >
> >>
> >> I'm also not sure what you mean by "can probably figure out if they
> >> are in full-screen mode or not". How would you figure this out? Other
> >> than by installing a non-standard skin for your desktop or browser?
> >>
> >
> > If you can only call fullscreen() in response to a user gesture, and
> > there is some reasonably obvious thing that happens when you go full
> > screen (hopefully a bit more obvious than what Flash currently does), then
> > I'm hoping a sophisticated user who knows about noflash could figure out
> > that they just went into fullscreen. As for the unsophisticated user,
> > they're already "at risk" by flash, hopefully we could do better than
> > flash, but if not, I think I would be willing to accept being on-par with
> > Flash on this issue.
>
> You need to ensure that the user is actively looking at the screen
> though. If the user is getting back to a screen that is now in
> fullscreen mode it seems hard to impossible to tell in the general
> case. Unless you slab a bar at the top screen that constantly says
> "Fullscreen mode, take caution".
>

tie to user gesture, or make it stay until the user actively dismisses it
(click an x on it, i dunno).


>
> I guess that if you enforced that fullscreen could only happen in
> response to a click then you are in better shape. I'd say you should
> try implementing this in chrome :)
>
> As for comparisons to flash, one of the goals of the mozilla project
> is to improve the web, not stay on par with flash ;)
>
>
yes, I'm all about improving it too. But at some point we need to stop
throwing our hands up in the air and saying "well, we will provide this
safer way, which no one will use, and therefore we've made the web a better
place."

:)


> / Jonas
>

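The mitigations discussed in this thread (fullscreen only in response to a user gesture, a notice that stays until the user dismisses it, and no keyboard input to the page while fullscreen) modelled as a UA-side gate. This is an added example, not code from the thread's authors or from any browser; the class name, the 1000 ms gesture window and Escape-to-exit are assumptions.

```javascript
// Hypothetical UA-side policy model; names and the 1000 ms window are assumptions.
const GESTURE_WINDOW_MS = 1000;

class FullscreenGate {
  constructor() {
    this.lastGestureAt = null; // time of the last unconsumed trusted gesture
    this.fullscreen = false;
    this.overlayVisible = false;
  }
  // Called by the browser for real clicks/key presses, never by page script.
  userGesture(now) { this.lastGestureAt = now; }

  // Page script calls this; returns true only if a fresh gesture backs it.
  requestFullscreen(now) {
    const fresh = this.lastGestureAt !== null &&
      now - this.lastGestureAt <= GESTURE_WINDOW_MS;
    this.lastGestureAt = null;      // one gesture buys at most one request
    if (!fresh || this.fullscreen) return false;
    this.fullscreen = true;
    this.overlayVisible = true;     // opaque notice, shown on every entry
    return true;
  }
  // Only an explicit user action on the notice hides it; no timeout path.
  dismissOverlay() { if (this.fullscreen) this.overlayVisible = false; }

  // Keyboard input is withheld from the page while fullscreen (the Flash
  // restriction mentioned in the thread); Escape-to-exit is an assumption.
  keyEvent(key) {
    if (!this.fullscreen) return "delivered";
    if (key === "Escape") { this.exit(); return "exited"; }
    return "blocked";
  }
  exit() { this.fullscreen = false; this.overlayVisible = false; }
}

// Constructed sequence of events with explicit timestamps (ms).
function demo() {
  const gate = new FullscreenGate();
  const log = [];
  log.push(gate.requestFullscreen(0));      // no gesture: denied
  gate.userGesture(100);
  log.push(gate.requestFullscreen(5000));   // stale gesture: denied
  gate.userGesture(6000);
  log.push(gate.requestFullscreen(6050));   // fresh gesture: allowed
  log.push(gate.overlayVisible, gate.keyEvent("a"));
  gate.dismissOverlay();
  log.push(gate.overlayVisible, gate.keyEvent("Escape"), gate.fullscreen);
  return log;
}
```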