LGTM1

On Wednesday, November 29, 2023 at 4:04:49 PM UTC+1 Tommy Steimel wrote:

> Okay the security reviewer has now re-reviewed it given the updated information. Thanks!
>
> On Mon, Nov 27, 2023 at 11:55 PM Rick Byers <[email protected]> wrote:
>
>> On Wed, Nov 22, 2023 at 11:49 PM 'Tommy Steimel' via blink-dev <[email protected]> wrote:
>>
>>> On Tue, Nov 21, 2023 at 9:43 PM Yoav Weiss <[email protected]> wrote:
>>>
>>>> On Friday, November 17, 2023 at 8:47:34 PM UTC+1 Tommy Steimel wrote:
>>>>
>>>> Contact
>>>> [email protected], [email protected]
>>>>
>>>> Explainer
>>>> None
>>>>
>>>> Specification
>>>> https://github.com/WICG/document-picture-in-picture/pull/104
>>>>
>>>> Summary
>>>>
>>>> This adds a user gesture requirement for the resizeBy() and resizeTo() Window APIs for document picture-in-picture windows. This allows websites to make use of those APIs while mitigating much of the abuse potential of those APIs on an always-on-top window.
>>>>
>>>> Blink component
>>>> Blink>Media>PictureInPicture <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EMedia%3EPictureInPicture>
>>>>
>>>> TAG review
>>>> N/A as this is a minor change to the behavior of an existing API
>>>>
>>>> TAG review status
>>>> Not applicable
>>>>
>>>> Risks
>>>>
>>>> Interoperability and Compatibility
>>>>
>>>> None
>>>>
>>>> This added requirement would mean that calls to these APIs can now fail. Is that new? Or are developers already expected to handle failures? Do we expect developers to start checking the UserActivation API <https://developer.mozilla.org/en-US/docs/Web/API/UserActivation> before calling these methods?
>>>
>>> Currently these APIs always fail on document picture-in-picture windows regardless of user activation (to prevent really spammy always-on-top windows). We don't expect developers to check the UserActivation API at all, just to only call resizeTo()/resizeBy() in response to a user gesture.
>>>
>>
>> From the subject and summary I also originally assumed this intent was about adding a user gesture restriction, and it looks like your security approval was also based on that incorrect understanding. Can you please re-request a security review with the clarification of the scope of this feature? Please also update the summary of the feature in ChromeStatus, e.g.: "This enables the resizeBy() and resizeTo() Window methods on document picture-in-picture windows, but with the added restriction of a user gesture requirement to mitigate the abuse potential".
>>
>> Otherwise it looks fine to me.
>>
>>>> *Gecko*: No signal (https://github.com/mozilla/standards-positions/issues/670#issuecomment-1786354361) Added comment to existing standards position issue for document picture-in-picture. No response yet
>>>>
>>>> *WebKit*: No signal (https://github.com/WebKit/standards-positions/issues/41#issuecomment-1786354016) Added comment to existing standards position issue for document picture-in-picture. No response yet
>>>>
>>>> *Web developers*: Positive. The ability to programmatically resize the document picture-in-picture window is one of the most-requested features for document picture-in-picture
>>>>
>>>> *Other signals*:
>>>>
>>>> Ergonomics
>>>>
>>>> N/A
>>>>
>>>> Activation
>>>>
>>>> N/A
>>>>
>>>> Security
>>>>
>>>> While being able to resize an always-on-top window at will is a security/annoyance risk, by making the API consume a user gesture, the website can only resize once per click, which limits the possible abuse vectors
>>>>
>>>> WebView application risks
>>>>
>>>> Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
>>>>
>>>> N/A
>>>>
>>>> Debuggability
>>>>
>>>> N/A
>>>>
>>>> Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
>>>> No
>>>>
>>>> The document picture-in-picture API is not supported on Android
>>>>
>>>> Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
>>>> Yes
>>>>
>>>> document-picture-in-picture/resize-requires-user-gesture.https.html
>>>>
>>>> Flag name on chrome://flags
>>>> None
>>>>
>>>> Finch feature name
>>>> None
>>>>
>>>> Non-finch justification
>>>>
>>>> Small, low-risk change to existing API
>>>>
>>>> Requires code in //chrome?
>>>> False
>>>>
>>>> Tracking bug
>>>> https://crbug.com/1354325
>>>>
>>>> Sample links
>>>> https://steimelchrome.github.io/document-pip/click_to_resize.html
>>>>
>>>> Estimated milestones
>>>> Shipping on desktop: 121
>>>>
>>>> Anticipated spec changes
>>>>
>>>> Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
>>>> N/A
>>>>
>>>> Link to entry on the Chrome Platform Status
>>>> https://chromestatus.com/feature/5398995019235328
>>>>
>>>> This intent message was generated by Chrome Platform Status <https://chromestatus.com/>.
>>>>
>>>> --
>>> You received this message because you are subscribed to the Google Groups "blink-dev" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
>>> To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAE-AwAqS29Q2%2BbV89rc8x%2B3BCVQVuLw5QEPnkbrJpy-2mq2bZA%40mail.gmail.com <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAE-AwAqS29Q2%2BbV89rc8x%2B3BCVQVuLw5QEPnkbrJpy-2mq2bZA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
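The "one resize per click" rule the thread settles on, as an added example that is not part of the intent, the spec PR or Chromium: a constructed stand-in for the document picture-in-picture window models transient activation being consumed by the first resizeTo()/resizeBy() call, and resizeOnce() shows the calling pattern Tommy describes (call only from a gesture handler, handle the failure, never poll UserActivation). The NotAllowedError name and the requestWindow() usage in the closing comment are assumptions.

```javascript
// Added example (not code from the intent, the spec PR or Chromium). It models
// the rule discussed in the thread: resizeTo()/resizeBy() on a document PiP
// window work only while a transient user activation exists, and the first
// call consumes it, so a page gets at most one resize per click.

// Constructed stand-in for a document PiP Window so the example runs offline.
function makeConstructedPipWindow(width, height) {
  const win = { width, height, activation: false };
  const requireGesture = (apply) => (...args) => {
    if (!win.activation) {
      const err = new Error('resize requires a user gesture');
      err.name = 'NotAllowedError'; // assumed error name
      throw err;
    }
    win.activation = false; // gesture consumed by this call
    apply(...args);
  };
  win.resizeTo = requireGesture((w, h) => { win.width = w; win.height = h; });
  win.resizeBy = requireGesture((dw, dh) => { win.width += dw; win.height += dh; });
  // Simulates the browser granting activation for one click and running the handler.
  win.click = (handler) => { win.activation = true; handler(); win.activation = false; };
  return win;
}

// What a page should do: one resize per input handler, with failure reported
// instead of thrown out of the handler or retried in a loop.
function resizeOnce(pipWindow, w, h) {
  try {
    pipWindow.resizeTo(w, h);
    return { ok: true, width: pipWindow.width, height: pipWindow.height };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// A second resize inside the same click, or a resize with no click, is refused.
function demo() {
  const win = makeConstructedPipWindow(320, 180);
  const log = [];
  win.click(() => {
    log.push(resizeOnce(win, 640, 360)); // succeeds
    log.push(resizeOnce(win, 800, 450)); // gesture already consumed
  });
  log.push(resizeOnce(win, 1280, 720));  // outside any click
  return log;
}
// In a real page (Chrome desktop) the same helper runs from a click handler
// inside the PiP window, e.g. (assumed usage):
//   const pip = await documentPictureInPicture.requestWindow({ width: 320, height: 180 });
//   button.addEventListener('click', () => resizeOnce(pip, 640, 360));
```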
