On Fri, Aug 20, 2010 at 10:24 PM, Kit Grose <[email protected]> wrote:
> On 21/08/2010, at 3:21 PM, Adam Barth wrote:
>> On Fri, Aug 20, 2010 at 7:25 PM, Robert O'Callahan <[email protected]>
>> wrote:
>>> On Sat, Aug 21, 2010 at 8:24 AM, Ian Hickson <[email protected]> wrote:
>>>> One comment: Rather than adding an "allowfullscreen" attribute on
>>>> <iframe>, I would suggest just assuming that sandboxed content (i.e.
>>>> content of iframes with the sandbox="" attribute) can't go fullscreen. I
>>>> can provide a sandbox flag for this state. If we think there are use cases
>>>> for allowing sandboxed iframes to go fullscreen, then I can also add a
>>>> keyword that turns off the flag when present (like "allow-scripts" does
>>>> for scripts). (I'm assuming there are no cases for disabling fullscreen
>>>> for unsandboxed iframes; are there?)
>>>
>>> What about legacy content that doesn't use "sandbox"? It might expect
>>> cross-origin IFRAMEs to not be able to take over its window, but if the
>>> IFRAME content goes fullscreen, it effectively can.
>>>
>>> I think allowing subframes to go fullscreen should always be opt-in.
>>
>> How is going fullscreen different from opening a popup window?
>
> It's the same document *in the same state* as it was in when you triggered
> "fullscreen". You would expect fullscreen on a video or animation not to
> start that video or animation from the beginning or reload it.

I meant from a security model perspective. :)

Adam
