Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to block user-visible APIs pre-activation? #8

Closed
domenic opened this issue Oct 27, 2020 · 2 comments
Closed

How to block user-visible APIs pre-activation? #8

domenic opened this issue Oct 27, 2020 · 2 comments

Comments

@domenic
Copy link
Collaborator

domenic commented Oct 27, 2020

As discussed in https://github.com/jeremyroman/alternate-loading-modes/blob/gh-pages/browsing-context.md, we need to block access to a variety of user-visible APIs pre-activation. There are at least two ways to do this:

  1. Have the APIs immediately fail. E.g. alert() would return without showing anything; window.open() would return null; permission-prompting APIs would immediately reject, as if the user had rejected.

  2. Have the APIs delay as much as possible until activation. What this means for each API is subtle. For permission-prompting APIs, it would show the prompt after activation. But for something like alert(), would it block the event loop? For window.open(), would it open a "background window", and then upon activation start showing the until-now-hidden window?

  3. A variant of (2), where we don't just delay that particular call, but we freeze the entire document upon any such call. This could make it less likely for other tasks on the event loop to get confused by the hanging promise.

@jeremyroman
Copy link
Collaborator

A dogmatic option 2 seems bad. As you say, we can't just block the event loop during alert. Opening windows during prerendering is bad and there's a ton of precedent there from popup blockers. I suspect that overall we're a mix is probably appropriate.

My gut:

  • alert, confirm, prompt, print: no-op; return empty-ish value
  • window.open: no-op, as though popup had been blocked
  • permission request: hang waiting for permission; proceeds on nav (prompting if needed)
  • (if network restrictions are incorporated) fetch: hang on unauthorized request except for sync XHR, which fails
  • storage APIs: blocked, for consistency with one another

I'm sure @mfalken and prerender folks have thoughts.

@domenic
Copy link
Collaborator Author

domenic commented Jan 11, 2021

We've got a stab at this in #16 (based on this document). I think this is largely settled, although #7 remains open as synchronous storage and service workers are complicated and not yet settled.

@domenic domenic closed this as completed Jan 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants