Congrats! It's exciting seeing the Device Posture API ship. Great work Alexis. 🎉

________________________________
From: Yoav Weiss (@Shopify) <yoavwe...@chromium.org>
Sent: Wednesday, October 16, 2024 3:41:49 AM
To: Alexis Menard <alexis.men...@intel.com>
Cc: Domenic Denicola <dome...@chromium.org>; Diego González <die...@gmail.com>; 
blink-dev <blink-dev@chromium.org>; Alex Russell <slightly...@chromium.org>; 
Ian Clelland <iclell...@chromium.org>
Subject: Re: [blink-dev] Intent to Ship: Device Posture API

LGTM3

On Tue, Oct 15, 2024 at 9:14 PM Alexis Menard <alexis.men...@intel.com> wrote:
@Yoav Weiss (@Shopify) does my answer cover your concerns?

On Wed, Oct 9, 2024 at 11:09 PM Domenic Denicola <dome...@chromium.org> wrote:
Thanks for resolving this! LGTM2.

On Thu, Oct 10, 2024 at 3:43 AM Diego González <die...@gmail.com> wrote:
💖

On Wednesday 9 October 2024 at 17:13:19 UTC+1 Alexis Menard wrote:
We did resolve this in the spec, my bad. As an FYI, the W3C Devices and Sensors 
WG has decided to move this API to CR.

On Tue, Oct 8, 2024 at 9:28 PM Domenic Denicola <dom...@chromium.org> wrote:
To be clear, I'm OK if the relevant standards body (i.e. the W3C Devices and 
Sensors WG) has decided that this does not require a permissions policy. But I 
would like it to be resolved one way or another before we approve this for 
shipping. Right now it is listed as an open issue in the spec, and it's one 
that will be hard to change after shipping, so per the "Anticipated spec 
changes" of our I2S template, I'd like to get that resolved.

On Wed, Oct 9, 2024 at 3:14 AM Alex Russell <sligh...@chromium.org> wrote:
It's unclear to me that this should have a permission.

LGTM1

On Mon, Oct 7, 2024, 7:19 AM Alexis Menard <alexis...@intel.com> wrote:


On Mon, Oct 7, 2024 at 9:31 AM Ian Clelland <icle...@chromium.org> wrote:


On Mon, Oct 7, 2024 at 7:36 AM Alexis Menard <alexis...@intel.com> wrote:
Hi,

Thanks for your approval.

I can confirm that the API is exposed to iframe through JS and CSS.

Concerning your suggestion I agree that we could put this behind a permission 
policy but unfortunately if the intent is to limit potential ephemeral 
fingerprinting then it will not help at all. In Chromium it's easy to gate the 
JS API behind a permission policy but there is no prior art of a CSS API being 
gated behind a permission policy (I may be wrong). So the iframe CSS code will 
still be parsed which would not impede accessing the posture. Finally one can 
just use JavaScript to query the posture using `matchMedia` so in order for 
this whole permission to truly block we would need to patch the CSS engine deep 
down.

We've never shipped any CSS gating based on permissions policy, but we have 
experimented with it; in particular, we've released experimental policies to 
restrict the use of animations on properties which affect layout, and to 
restrict the values which can be used for the font-display property. These have 
since been removed from the code, as we're not pursuing those anymore, but the 
idea of controlling the CSS engine with permissions policy has been tried.

I'm not sure if the fact that this API is exposed through media queries makes 
this more complex, but from a spec perspective, as long as you can describe the 
behaviour in terms of what the current document is "allowed to use", then you 
should be able to express the right constraints to use permissions policy.

Interesting. I'll try to dig up the CL just out of curiosity.


Ian


I had this discussion with the PING and they agreed that we don't have any 
mechanism in place even CSS to support such a thing. There is a discussion 
which started a few weeks ago between the PING and CSS WG. I believe that in the 
future this use case could come up for some other APIs especially when things 
are exposed through env variables. So unless there is some idea of a spec or 
update to permission policy spec I'm not sure if we should start modifying the 
CSS engine deeply.

Coming back to this API, to be honest I think the fingerprinting is very low 
risk, ephemeral and is going to be less and less relevant as more and more 
users are using foldables especially in the folded posture (remember that any 
other device including desktop returns the continuous posture).

Thanks.


On Mon, Oct 7, 2024, 12:24 AM Domenic Denicola <dom...@chromium.org> wrote:
This looks like a really solid spec that has benefited from years of iteration 
and had good TAG review discussion. The fact that you specified and are working 
on WebDriver hooks to emulate posture changes during testing, and added 
DevTools integration, are more great signs of maturity. I'm excited to approve 
this.

The only blocker is that https://github.com/w3c/device-posture/issues/111 
remains open and changing that after shipping would be a significant change. It 
sounds like your current plan is to expose this information across iframes. Can 
you confirm? If so, are you ready to close that issue and lock in the current 
state?

A more conservative plan would be to not expose the information across 
cross-origin iframes. You could then loosen that in the future, probably by 
introducing a permissions policy: either with a default allowlist of '*' to get 
the current behavior (but allow top frames to restrict), or a default allowlist 
of 'self' to keep the restriction by default (but allow top frames to share). 
Absent strong use cases for sharing cross-origin by default, that would be my 
suggestion.

On Thu, Oct 3, 2024 at 11:42 PM Alexis Menard <alexis...@intel.com> wrote:
Contact emails
alexis...@intel.com

Explainer
https://github.com/w3c/device-posture
https://www.w3.org/TR/device-posture/#introduction

Specification
https://www.w3.org/TR/device-posture

Summary

This API helps developers to detect the current posture of a foldable device. 
The device posture is the physical position in which a device holds which may 
be derived from sensors in addition to the angle. From enhancing the usability 
of a website by avoiding the area of a fold, to enabling innovative use cases 
for the web, knowing the posture of a device can help developers tailor their 
content to different devices. Content can be consumed and browsed even when the 
device is not flat, in which case the developer might want to provide a 
different layout for it depending on the posture state in which the device is 
being used.


Blink component
Blink>FoldableAPIs<https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EFoldableAPIs>

TAG review
https://github.com/w3ctag/design-reviews/issues/575

TAG review status
Issues addressed

Risks


Interoperability and Compatibility

None


Gecko: No signal (https://github.com/mozilla/standards-positions/issues/882)

WebKit: No signal (https://github.com/WebKit/standards-positions/issues/328)

Web developers:
https://github.com/w3c/device-posture/issues/111#issuecomment-2363251667

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it 
has potentially high risk for Android WebView-based applications?

Feature is disabled on WebView for now. See 
https://issues.chromium.org/issues/335314107 for more details.


Debuggability

Besides the usual DevTools debugging of the CSS and JavaScript API, a specific 
device has been added into the Device Emulation mode.


Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, 
ChromeOS, Android, and Android WebView)?
Yes

The API will work on all the platforms but only Android and Windows will return 
posture information (other platforms do not have this category of devices)


Is this feature fully tested by 
web-platform-tests<https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
Yes

The tests aren't complete yet because we need integration with WebDriver to 
emulate posture changes. It's being worked on. 
https://github.com/web-platform-tests/wpt/tree/master/device-posture


Flag name on chrome://flags
device-posture

Finch feature name
kDevicePosture

Requires code in //chrome?
False

Tracking bug
https://bugs.chromium.org/p/chromium/issues/detail?id=1066842

Sample links

https://github.com/foldable-devices

Estimated milestones
Shipping on desktop     131
Origin trial desktop first      125
Origin trial desktop last       128
DevTrial on desktop     95
Shipping on Android     131
Origin trial Android first      125
Origin trial Android last       128
DevTrial on Android     123


Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop 
issues. Please list open issues (e.g. links to known github issues in the 
project for the feature specification) whose resolution may introduce web 
compat/interop risk (e.g., changing to naming or structure of the API in a 
non-backward-compatible way).

None

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5185813744975872?gate=6219681092599808

Links to previous Intent discussions
Intent to Prototype: 
https://groups.google.com/a/chromium.org/g/blink-dev/c/prHGPxF62i4
Intent to Experiment: 
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8c244153-79c4-483e-8449-4aca14b35636%40chromium.org


This intent message was generated by Chrome Platform 
Status<https://chromestatus.com/>.

--
You received this message because you are subscribed to the Google Groups 
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to blink-dev+...@chromium.org.
To view this discussion on the web visit 
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/540e383c-1e1c-4918-9f10-c3fb2dd9bc19%40intel.com.


--
Alexis Menard
Software Engineer @ Intel
