Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Starred by 5 users
Status: Fixed
Owner:
Closed: Jun 19
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Launch-OWP
Launch-Accessibility: ----
Launch-Legal: ----
Launch-M-Approved: ----
Launch-M-Target: ----
Launch-Privacy: ----
Launch-Security: ----
Launch-Status: ----
Launch-Test: ----
Launch-UI: ----
Product-Review: ----



Sign in to add a comment
JavaScript dialogs exit HTML5 fullscreen
Project Member Reported by a...@chromium.org, May 31 Back to list
Spec
https://fullscreen.spec.whatwg.org/

Summary
If a page shows a JavaScript dialog while it is in fullscreen (the HTML5 kind), it is exited from fullscreen.

Motivation
Fullscreen is a dual-edged sword. Because it allows a web page to take over the screen, it is immersive. Unfortunately, its immersiveness has the danger of being disorienting, because all the usual user-interface items (taskbar, menu bar, window titlebars) are removed.

JavaScript dialogs are similarly powerful. They block the user from interacting with the web page until the user responds to it. There is an escape hatch, however; the user can switch to a different tab or close the tab if a page is being abusive with its use of dialogs.

JavaScript dialogs and fullscreen do not mix well. The primary issue is that if a page enters fullscreen, it removes the dialog escape hatch of the user being able to switch to a different tab or close the tab. In addition, the appearance of the dialog can interfere with the user from being able to see the critical "press [esc] to leave fullscreen" bubble that might be the user's only indication that they have entered fullscreen.

Right now they interfere through being located at the same place on the screen, but even if they were changed to not be located at the same place, having two different items appear on the screen at once is bad. One will be missed, because humans simply cannot pay attention to two things at once, and because the "press [esc] to leave fullscreen" bubble is security-critical, we cannot afford to have it be lost.

Because of this reasoning, the security UI team has decided that if a page shows a JavaScript dialog while it is in fullscreen, that the page should be exited from fullscreen. This ensures that JavaScript dialogs cannot be used as a weapon to distract users from security-critical UI.

Two notes:
1. This would not effect a page's ability to show a dialog while in user-initiated fullscreen. In that case, the user knows they're in fullscreen and our concerns do not hold.
2. This is being actively abused in the wild.

Interoperability and Compatibility Risk
It is possible that a page is using both fullscreen and dialogs. It's unlikely, though, because the point of fullscreen is to be immersive, and the point of dialogs is to not be immersive but shock the user into action.

The fullscreen spec (https://fullscreen.spec.whatwg.org/) does not have any provisions for when a user agent is allowed to unilaterally force an element to exit fullscreen. This surely is an oversight. We already allow the user to force the element to exit fullscreen by pressing the escape key, and we advertise this face; surely the intent of the spec cannot be that the page has a non-overridable ability to be fullscreened.

Edge: No signals
Firefox: No signals
Safari: No signals
Web developers: No signals

Ongoing technical constraints
None.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
This will be implemented on desktop platforms.
 
Status: Fixed
Labels: -M-60 M-61
Project Member Comment 5 by bugdroid1@chromium.org, Jul 18
Labels: merge-merged-3112
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f36b11b74a9d97621a65d466862948b0b8650889

commit f36b11b74a9d97621a65d466862948b0b8650889
Author: Avi Drissman <avi@chromium.org>
Date: Tue Jul 18 23:38:13 2017

If JavaScript shows a dialog, cause the page to lose fullscreen.

BUG= 670135 ,  550017 ,  726761 ,  728276 
TBR=avi@chromium.org

(cherry picked from commit 0720b02e4f303ea6b114d4ae9453e3a7ff55f8dc)

Review-Url: https://codereview.chromium.org/2906133004
Cr-Original-Commit-Position: refs/heads/master@{#478884}
Change-Id: Id833bfcc88e7faf9129ceb3184e11d37a71c61cc
Reviewed-on: https://chromium-review.googlesource.com/576402
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/branch-heads/3112@{#644}
Cr-Branched-From: b6460e24cf59f429d69de255538d0fc7a425ccf9-refs/heads/master@{#474897}
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/chrome/browser/printing/print_job_worker.cc
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/chrome/browser/printing/print_view_manager.cc
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/content/browser/web_contents/web_contents_impl.cc
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/content/browser/web_contents/web_contents_impl.h
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/f36b11b74a9d97621a65d466862948b0b8650889/content/public/browser/web_contents.h

Sign in to add a comment