torgo
commented
5 months ago Hi @noamr - thanks for sending this our way.
A couple of initial questions we had after reviewing in today's TAG breakout:
-
regarding the naming of the API - it seems like the term "Activation" is a bit overloaded - in particular it's used in the context of user activation which is a completely separate concept. We're concerned this could cause developer confusion. Have you considered any alternatives?
-
what's the current state of this with regard to the HTML spec itself?
-
the security & privacy responses say that "It exposes information about the most recent cross-document navigation." It's not clear if this means it's exposing additional information that the developer wouldn't have had access to before or if it's information that the developer would have had access to anyway? In general there is a lack of information in the explainer about potential abuse cases. It's concerning that this is exposing information about navigation across documents as this could be a potential privacy issue... so I think some additional discussion of this is warranted in the explainer.
-
do you have any information about multi-implementer support?
noamr
nickcoury
こんにちは TAG-さん!
I'm requesting a TAG review of Navigation Activation Info.
This is a small addition to the navigation API, that exposes information about the last cross-document navigation.
Explainer¹ (minimally containing user needs and example code): https://github.com/WICG/view-transitions/blob/main/navigation-activation-explainer.md
Specification URL: https://html.spec.whatwg.org/multipage/nav-history-apis.html#navigation-activation-interface
Tests: https://wpt.fyi/results/navigation-api/navigation-activation?label=master&label=experimental&aligned
User research: TBD
Security and Privacy self-review²: https://github.com/WICG/view-transitions/blob/main/nav-activation-security-privacy-review.md
GitHub repo (if you prefer feedback filed there): N/A
Primary contacts (and their relationship to the specification):
Organization(s)/project(s) driving the specification: Google
Key pieces of existing multi-stakeholder review or discussion of this specification: Mozilla standards position, Spec issue, Spec PR
External status/issue trackers for this specification (publicly visible, e.g. Chrome Status): https://chromestatus.com/feature/5076557983121408
Further details:
You should also know that this is implemented in Chromium behind a flag.
[please tell us anything you think is relevant to this review]
We'd prefer the TAG provide feedback as (please delete all but the desired option):
🐛 open issues in our GitHub repo for each point of feedback
☂️ open a single issue in our GitHub repo for the entire review
💬 leave review feedback as a comment in this issue and @-notify [github usernames]
CAREFULLY READ AND DELETE CONTENT BELOW THIS LINE BEFORE SUBMITTING
Please preview the issue and check that the links work before submitting.
In particular, if anything links to a URL which requires authentication (e.g. Google document), please make sure anyone with the link can access the document. We would prefer fully public documents though, since we work in the open.
¹ We require an explainer to give the relevant context for the spec review, even if the spec has some background information. For background, see our explanation of how to write a good explainer. We recommend the explainer to be in Markdown.
² A Security and Privacy questionnaire helps us understand potential security and privacy issues and mitigations for your design, and can save us asking redundant questions. See https://www.w3.org/TR/security-privacy-questionnaire/.