Move elements of pointerId informative note to normative text#411
Conversation
|
felt that the part about the lifetime of the page etc was still quite important, so grafted it into the normative part. we can discuss this week at the meeting |
| <dt><dfn>pointerId</dfn></dt> | ||
| <dd> | ||
| <p>A unique identifier for the pointer causing the event. This identifier MUST be unique from all other <a data-lt="active pointer">active pointers</a> in the <a>top-level browsing context</a> (as defined by [[HTML]]) at the time. The <code>pointerId</code> value of <code>-1</code> is reserved to indicate events that were generated by something other than a pointing device. The user agent MAY recycle previously retired values for <code>pointerId</code> from previous active pointers, if necessary.</p> | ||
| <p>A unique identifier for the pointer causing the event. This identifier MUST be unique from all other <a data-lt="active pointer">active pointers</a> in the <a>top-level browsing context</a> (as defined by [[HTML]]) at the time, and the identifier MUST NOT be influenced by any other top-level browsing context. The <code>pointerId</code> value of <code>-1</code> is reserved to indicate events that were generated by something other than a pointing device. The user agent MAY recycle previously retired values for <code>pointerId</code> from previous active pointers, or it MAY always reuse the same <code>pointerId</code> for a particular pointing device for the lifetime of the page. However, in the latter case, the <code>pointerId</code> MUST be randomized, to minimize the chance of fingerprinting and tracking across different pages.</p> |
There was a problem hiding this comment.
Does it look a bit less hand-wavy?
...MUST NOT be influenced by existing pointers in any other... (emphasis marks the new text)
Not sure if this would leave something important out!
|
discussed at today's meeting, needs a bit more finessing:
|
while more verbose, this is an attempt to just explain a bit more what we're trying to do here (prevent tracking/fingerprinting, while also trying to allow some kind of "persistent" pointerId for collaborative scenarios with multiple users, for the lifetime of the page)
|
@mustaqahmed @smaug---- @flackr made an admittedly wordy stab at turning the whole explanation around to make it clearer, while also introducing the new idea that mouse's |
|
note to self: this PR will need a more descriptive title when/if it gets merged |
|
The major part of this PR is covered by WPTs. The few remaining points seem hard to test: most are optional, others need multiple top-level browsing contexts (needs discussion). Below is a dump of the
Optional, hence untestable.
Covered in
Is there a way to have multiple top-level browsing contexts in a WPT?
Optional, hence untestable.
We can simulate a touch pointer crossing an |
In a past PEWG meeting, we agreed this may be testable using a same origin popup but it is not clear if "moving a pointer from one browsing context to another" is even supported by test-driver actions. Removing the needs-wpt label because the major part of the PR is covered by WPTs already. |
x-ref #405 https://www.w3.org/2021/09/01-pointerevents-minutes.html#t02
Preview | Diff