Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Define fullscreen in terms of feature policy #106

Closed
clelland opened this issue Nov 15, 2017 · 4 comments
Closed

Define fullscreen in terms of feature policy #106

clelland opened this issue Nov 15, 2017 · 4 comments

Comments

@clelland
Copy link
Contributor

https://wicg.github.io/feature-policy informally declares Fullscreen to be a policy-controlled feature (and Chrome currently implements it as such). I'm trying to work out what it would take to make that more formal.

Currently, I have:

  • Define fullscreen as a policy-controlled feature in this spec, referencing the FP spec.
  • Update 'allowed to use' in HTML to query a document's FP (already monkey-patched in FP).
  • Update privacy and security in this spec to mention alternative ways that fullscreen could be enabled.

I'm sure I'm missing something big still :)
clelland added a commit to clelland/fullscreen that referenced this issue Nov 15, 2017
@clelland
Refer to feature policy spec
fa68846 
This change defines Fullscreen as a policy-controlled feature,
referencing the feature policy spec. It makes use of the currently-
monkey-patched "Allowed to use" algorithm in HTML to allow the
document's policy to control whether an element is permitted to go
fullscreen.

Fixes: whatwg#106
@clelland clelland mentioned this issue Nov 15, 2017
Merged
@annevk
Copy link
Member

annevk commented Nov 16, 2017

I don't understand how 4 in https://wicg.github.io/feature-policy/#integration-with-html works.

How many implementers have committed to feature policy?

@clelland clelland mentioned this issue Nov 16, 2017
Closed
@clelland
Copy link
Contributor Author

I don't understand how 4 in https://wicg.github.io/feature-policy/#integration-with-html works.

The idea is that:

  • A document has a feature policy
  • "allowfullscreen" indicates the policy-controlled feature named "fullscreen"
  • The policy may or may not enable fullscreen for an origin, specifically the document's origin in this case.
  • By replacing step 4 (and 5 now, I think), "allowed to use" becomes:
  1. If document has no browsing context, then return false.
  2. If document's browsing context's active document is not document, then return false.
  3. If document's browsing context is a top-level browsing context, then return true.
  4. If document’s feature policy enables the feature indicated by allowattribute for the origin of document, then return true.
  5. Return false.

(If FP controls the features completely, then we'd probably want to get rid of step 3 as well, since FP will also handle that case)

I've filed w3c/webappsec-permissions-policy#95 to track actually making it clearer.

How many implementers have committed to feature policy?

Chrome, certainly -- I don't know that there is any public commitment from other implementers. That does raise the question of whether it's better to include language for browsers which don't support FP, or to let PRs like this sit until there is general support. I don't know what the right answer to that is, though.

@annevk
Copy link
Member

annevk commented Nov 16, 2017

WICG/gesture-delegation#13 suggests Safari might be on board with Feature Policy. Is that correct @othermaciej? Haven't seen public signals from Mozilla yet. I'd like at least two implementors on board before integrating this everywhere. It'd be rather costly to revert it all.

As for that new algorithm, I don't think that works as-is. It doesn't deal with "allowattribute flag" for instance or the referenced issue about allowfullscreen needing to be dynamic. Probably best to figure that out in a separate issue?

@annevk annevk mentioned this issue Nov 16, 2017
Closed
@othermaciej
Copy link

We don't have a specific implementation plan or timeline yet, but I think we generally like the idea.

foolip pushed a commit to clelland/fullscreen that referenced this issue Jun 18, 2018
@clelland @foolip
Refer to feature policy spec
a95be40 
This change defines Fullscreen as a policy-controlled feature,
referencing the feature policy spec. It makes use of the currently-
monkey-patched "Allowed to use" algorithm in HTML to allow the
document's policy to control whether an element is permitted to go
fullscreen.

Fixes: whatwg#106
foolip pushed a commit that referenced this issue Jul 11, 2018
@clelland @foolip
Refer to feature policy spec (#107)
97ff618 
This change defines Fullscreen as a policy-controlled feature,
referencing the feature policy spec. It makes use of the currently-
monkey-patched "Allowed to use" algorithm in HTML to allow the
document's policy to control whether an element is permitted to go
fullscreen.

Fixes: #106
Tests: #107 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@clelland @othermaciej @annevk