https://www.w3.org/Bugs/Public/show_bug.cgi?id=19752
Priority: P3
Bug ID: 19752
CC: [email protected], [email protected], [email protected],
[email protected], [email protected]
Assignee: [email protected]
Summary: Add sandboxed pointer lock flag to HTML Sandboxing
QA Contact: [email protected]
Severity: normal
Classification: Unclassified
OS: other
Reporter: [email protected]
Hardware: Other
Status: NEW
Version: unspecified
Component: default
Depends on: 18647
Product: HTML.next
+++ This bug was initially created as a clone of Bug #18647 +++
Created to merge
https://github.com/w3c/html/commit/0e5f355bd059d8857a44505757da025f21e2efb7,
which has been parked in feature/whatwg_iframe_pointer_lock branch.
Pointer Lock API [1] adds capability that should be restricted by a sandbox
flag unless an iframe is marked explicitly with sandbox="allow-pointer-lock"
Rough edit suggestion to HTML:
http://dev.w3.org/html5/spec/origin-0.html#sandboxing
Add a section for The sandboxed pointer lock flag
+ "The sandboxed pointer lock flag
+ This flag prevents content from using the Pointer Lock API"
with link to http://www.w3.org/TR/pointerlock/
Add a new flag parsing item:
After the text: "When the user agent is to parse a sandboxing directive ..."
Add
+ "The sandboxed pointer lock flag, unless tokens contains the
allow-pointer-lock keyword"
[1] http://dvcs.w3.org/hg/pointerlock/raw-file/default/index.html
--
You are receiving this mail because:
You are on the CC list for the bug.
