Contact [email protected], [email protected] SpecificationNone
Summary If a cross-origin iframe has moved recently within its embedding page, then we will silently discard events targeting the iframe. The rationale is that if the iframe moved recently, it is likely that the user did not intent to click or tap on it. For more information about the risks of mis-clicks: https://www.w3.org/Security/wiki/Clickjacking_Threats#Repositioning_the_trusted_window This intervention shipped in limited form in 2019: it only affected iframes containing script using V2 features of IntersectionObserver (i.e. occlusion/effect detection). This launch expands this behavior to all cross-origin iframes, regardless of whether they are using IntersectionObserver V2. Blink componentBlink>Input <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EInput> TAG reviewNone TAG review statusNot applicable Risks Interoperability and Compatibility Web sites that have cross-origin iframes with unstable positioning may experience a drop-off in click rates to those iframes. *Gecko*: No signal *WebKit*: No signal *Web developers*: No signals *Other signals*: Security There are no known security risks to discarding an input event. We have not heard any concerns about the existing limited scope intervention. WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? None Debuggability None Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?Yes Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ?No Flag name on chrome://flagsNone Finch feature nameDiscardInputEventsToRecentlyMovedFrames Requires code in //chrome?False Tracking bughttp://crbug.com/603193 Estimated milestones Shipping on desktop 121 Shipping on Android 121 Shipping on WebView 121 Anticipated spec changes Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way). None Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5079376387637248 This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHOQ7J_XfiFdzAYB8jdAfzx_y7MqrEtnmTDDpde46PYYCZx1tQ%40mail.gmail.com.
