Security/Reviews/Mouse-Pointer Lock: Difference between revisions

Jump to navigation Jump to search

Security/Reviews/Mouse-Pointer Lock (view source)

Revision as of 19:16, 26 February 2013

1,170 bytes removed ,  26 February 2013
no edit summary
No edit summary
No edit summary
Line 1: Line 1:
{{SecReviewInfo
{{SecReviewInfo
|SecReview name=Extend Pointer Lock (Mouse Lock) for non-fullscreen elements
|SecReview name=Extend Pointer Lock (Mouse Lock) for non-fullscreen elements
|SecReview target=* multiple monitors lose fullscreen on focus change
|SecReview target=<bugzilla>
** video full screen in one monitor and work on something else on the other
{
** or have 2 monitors have different things full screen
"id":"822654"
** Current plan is to show the full-screen warning again for 4 seconds whenever a full-screen page regains focus.
}
</bugzilla>
}}
 
=== Goal of Feature, what is trying to be achieved (problem solved, use cases, etc) ===
* Allow pointer lock when not in full screen mode ( https://bugzilla.mozilla.org/show_bug.cgi?id=822654 and https://wiki.mozilla.org/Security/Reviews/Mouse-Pointer_Lock )
* Allow pointer lock when not in full screen mode ( https://bugzilla.mozilla.org/show_bug.cgi?id=822654 and https://wiki.mozilla.org/Security/Reviews/Mouse-Pointer_Lock )
* Current plan: in response to a click, a web page may activate a doorhanger "Do you want to allow this site to go into pointer-lock mode?"
* Current plan: in response to a click, a web page may activate a doorhanger "Do you want to allow this site to go into pointer-lock mode?"
** Note that pointer lock comes free with full-screen. Full-screen asks for forgiveness while pointer-lock-alone asks for permission.
** Note that pointer lock comes free with full-screen. Full-screen asks for forgiveness while pointer-lock-alone asks for permission.
* Keeping the existing model for pointer lock during full-screen.
* Keeping the existing model for pointer lock during full-screen.
}}
 
{{SecReview
== Threat Brainstorming ==
|SecReview feature goal====Mac Spaces questions===
* Will this allow you to use multiple spaces on a single monitor? (With one in full-screen mode and another showing another app, or another Firefox tab)
** Probably? might need to ask zpao.
* With multiple monitors, mac's concept of spaces and full-screen tends to affect all monitors at once :/
=== What solutions/approaches were considered other than the proposed solution?===
* Showing the warning again for 4 seconds upon return seems like overkill.
** How about just one second?
** How about a smaller warning? (Perhaps a watermark, if we can make it hard to hide)
|SecReview threat brainstorming=* The "warning when switching between two full-screen windows" might be defeatable, when a single site is full-screen in both windows (immersive demos and games)
** What if a web page lies about where focus is?
*** It can't prevent mouse clicks
**** Lies about where the mouse cursor is?
** This isn't really worse than the situation with one full-screen window
* How do we communicate the question of whether to allow pointer lock? The phrase "pointer lock" doesn't really convey the concept, even to users who have seen games use it.
* How do we communicate the question of whether to allow pointer lock? The phrase "pointer lock" doesn't really convey the concept, even to users who have seen games use it.
** Chrome says "Disable your mouse cursor"
** Chrome says "Disable your mouse cursor"
Line 35: Line 26:
* What effect does it have on touch-only devices?
* What effect does it have on touch-only devices?
** Maybe we should tell the page it was denied? A game that wants to support touch will need to listen for touch events.
** Maybe we should tell the page it was denied? A game that wants to support touch will need to listen for touch events.
}}
 
{{SecReviewActionStatus
{{SecReviewActionStatus
|SecReview action item status=In Progress
|SecReview action item status=In Progress
Jesse
Confirmed users
729

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/530436"

Navigation menu