Open toji opened 5 years ago
From @ddorwin on January 10, 2017 19:54
Does the device orientation API have language we can use as a model?
I'm not sure, but this should be implemented. This does look like a valid attack vector for at bare minimum deanonymization and tracking from a red team perspective.
The Generic Sensor API contains the following language: Sensor readings are only available for the active documents whose visibility state is "visible"
The Device Orientation Event editors draft contains the following language: do not fire events on invisible or backgrounded pages
Unless anyone objects I will add this consideration to the explainer.
From @ddorwin on January 10, 2017 19:29
https://w3c.github.io/webvr/#security currently says:
I think it's worth calling out why this is the case. For example, without this limitation, a background tab on a magic window device could track the user's movement for days without the user's knowledge.
In addition:
For discussion, I propose something like:
This could probably be written pore positively, such as stating that the user agent MUST allow all documents to enumerate and only allow the focused document to get state. However, it is also important to call clarify that non-focused documents must not be able to get such state and why.
Copied from original issue: immersive-web/webxr#173