Problem with allowfullscreen and allow=fullscreen
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
People
(Reporter: annevk, Assigned: emilio)
References
(Blocks 1 open bug)
Details
(Keywords: dev-doc-complete)
Attachments
(3 files)
|
47 bytes,
text/x-phabricator-request
|
Details | Review | |
|
47 bytes,
text/x-phabricator-request
|
Details | Review | |
|
13.28 KB,
patch
|
RyanVM
:
approval-mozilla-esr78+
|
Details | Diff | Splinter Review |
So looking at bug 1588377 the testcase there https://codepen.io/yukulele/pen/YzPeVZE?editors=1000 does not work in Firefox and that does not give us different markup (whereas Twitter seems to do so).
That uses <iframe allowfullscreen allow=things-but-not-fullscreen> -> <iframe allow=fullscreen> and that should probably work per Feature Policy, but does not in Firefox.
|
||
Comment 1•5 years ago
|
||
What does
<iframe allowfullscreen allow=things-but-not-fullscreen> -> <iframe allow=fullscreen>
mean?
|
|
||
Updated•5 years ago
|
|
Reporter | |
Comment 2•5 years ago
|
||
Document A contains the first iframe which references document B containing the second iframe.
|
||
Updated•5 years ago
|
|
|
||
Comment 4•5 years ago
|
||
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Comment 5•5 years ago
|
||
Baku, the patch on this bug is r+ by you, but the author has left. Can it be sent to Lando?
From a cursory look the patch appears to properly implement the allow="fullscreen" attribute on iframes.
I stumbled upon this bug because I was investigating why the following does not work, and believe that the patch will address the issue:
data:text/html,<iframe allow="fullscreen" srcdoc='<button onclick="document.documentElement.requestFullscreen()">Go Fullscreen</button>'></iframe>
According to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/fullscreen , allow="fullscreen" is supposed to be supported, but that is not the case. Firefox only supports fullscreen in frames if the allowfullscreen attribute is present.
|
|
Reporter | |
Comment 7•5 years ago
|
||
Johann might be able to help with this. It seems this is the only remaining bug for our allow="" attribute implementation.
|
Assignee | |
Comment 9•5 years ago
|
||
We can clean up this code once the feature policy pref goes away, but
meanwhile this should do the right thing.
|
|
Assignee | |
Comment 10•5 years ago
|
||
Drive-by stealing as I saw this fly by and I've touched related code recently.
|
||
Comment 11•5 years ago
|
||
|
|
||
Comment 12•5 years ago
|
||
|
||
Comment 13•5 years ago
|
||
Backed out for wpt and mochitest fullscreen related failures.
Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=309358901&repo=autoland
https://treeherder.mozilla.org/logviewer.html#?job_id=309358965&repo=autoland
Backout link: https://hg.mozilla.org/integration/autoland/rev/01bcf8fe712a86759f4e112958652c8864584088
|
|
Assignee | |
Comment 14•5 years ago
|
||
|
|
Assignee | |
Comment 15•5 years ago
|
||
Or "Emilio can't read try push results" fail, in fairness. There's one failure which I skipped over and that got me backed out.
|
|
Assignee | |
Comment 16•5 years ago
|
||
The failures are actually progressions. Right now <iframe src="same-origin.html"></iframe> disallows fullscreen in Firefox, but it shouldn't per spec.
I tweaked the tests so that they still test what they intend to.
|
|
||
Comment 17•5 years ago
|
||
|
|
||
Comment 19•5 years ago
|
||
| bugherder | ||
|
||
Updated•5 years ago
|
|
||
Comment 21•5 years ago
|
||
I think I've explained this OK in the docs:
- Updated the first note on https://wiki.developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/fullscreen
- Added a rel note to https://wiki.developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/80#HTTP
Can you let me know if you think I've understood this correctly? I think I might add a note to the browser compat data too, but want to get this checkout out first. Thanks!
|
|
Assignee | |
Comment 22•5 years ago
|
||
Yeah, those notes sound alright! It is exactly as you describe it, in order for featurepolicy to work you also had to have allowfullscreen on the frame.
|
|
||
Comment 23•5 years ago
|
||
Great, thanks :emilio. I've added a note to the compat data to cover this too: https://github.com/mdn/browser-compat-data/pull/6493
|
||
Comment 24•5 years ago
|
||
Reproduced the initial issue using an old Nightly build from 2020-01-10. Verified that this issue is fixed using latest Firefox 80.0b5 across platforms (Windows 10 64bit, macOS 10.15 and Ubuntu 18.04 64bit).
|
||
Comment 25•5 years ago
|
||
Bug 1495362 was put in the wrong field. I think it was meant to be put in the Regressed By field.
|
||
Comment 26•5 years ago
|
||
[Tracking Requested - why for this release]:
So ESR78 fails on <iframe allowfullscreen> without allow=fullscreen?
If so, should this be fixed?
|
|
Assignee | |
Comment 28•5 years ago
|
||
I don't have a sense of how big of a problem this is in practice, but if it applies cleanly I don't think it'd be risky.
However I think this also would need bug 1606660 etc. I can try to get a patch for the ESR tree and report back if you think it's going to be a problem and is worth uplifting.
|
||
Comment 29•5 years ago
|
||
I don't know either. Maybe Anne does?
|
||
Comment 30•5 years ago
|
||
Are there any known real world webcompat bugs from this? If yes then we should probably uplift, if not then probably not. It seems like an edge case to me...
|
|
Reporter | |
Comment 32•5 years ago
|
||
Unless j.j. knows a site I similarly think it's not worth the hassle, especially given what Emilio points out in comment 28.
|
|
Assignee | |
Comment 33•5 years ago
|
||
(In reply to j.j. from comment #26)
[Tracking Requested - why for this release]:
So ESR78 fails on
<iframe allowfullscreen>withoutallow=fullscreen?
If so, should this be fixed?
Also this is backwards, esr should work with allowfullscreen, but will fail when only allow=fullscreen is specified.
|
|
||
Comment 34•5 years ago
|
||
(In reply to Julien Cristau [:jcristau] from comment #31)
Can you clarify what triggered comment 26?
This bug has never affected me.
Duplicate bug 1588377 was about Youtube and Twitter and I asked because the status was unclear to me.
|
|
||
Comment 35•5 years ago
|
||
comment 5 is a reduction from a broken site that was shared with me by a developer of https://github.com/webrecorder/replayweb.page .
As a work-around, I suggested to add the "allowfullscreen" attribute to their iframe, which was added in https://github.com/webrecorder/replayweb.page/blame/05adead57c2a8238827a32b67559fac8f44b8066/src/replay.js#L201
Developers can work around this, but since MDN has documented for so long that allow="fullscreen" works, I would recommend to uplift this if the patch is safe. The worst that could happen is that sites that use allow="fullscreen" aren't functioning in Firefox, and the easy solution for that is just to move to a different browser.
|
||
Comment 36•4 years ago
|
||
If this is causing issues with Youtube and Twitter, maybe we should consider an uplift patch. Emilio, can you look into what that would look like in practice?
|
|
Assignee | |
Comment 37•4 years ago
|
||
This is effectively part 1 of bug 1606660 plus the patch on this bug. I think it should do.
It required some conflict-rebasing but I think it should be fine.
[Approval Request Comment]
If this is not a sec:{high,crit} bug, please state case for ESR consideration: comment 35 etc
User impact if declined: some videos / iframes can't go fullscreen.
Fix Landed on Version: 80
Risk to taking this patch (and alternatives if risky): not super-risky I'd say. If it's green on try it should be good to go, we have good tests for this.
See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.
|
|
||
Comment 38•4 years ago
|
||
Comment on attachment 9187111 [details] [diff] [review]
ESR patch
Approved for 78.6esr, thanks.
|
|
||
Updated•4 years ago
|
|
|
||
Comment 39•4 years ago
|
||
| bugherder uplift | ||
Description
•