Don't allow onbeforeunload dialog unless I have interacted with the page
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox44 | --- | fixed |
People
(Reporter: jruderman, Assigned: Gijs, NeedInfo)
References
(Blocks 2 open bugs)
Details
(5 keywords)
Attachments
(5 files)
40 bytes,
text/x-review-board-request
|
Gijs
:
review+
|
Details |
40 bytes,
text/x-review-board-request
|
bzbarsky
:
review+
|
Details |
40 bytes,
text/x-review-board-request
|
mconley
:
review+
jaws
:
review+
|
Details |
40 bytes,
text/x-review-board-request
|
bzbarsky
:
review+
|
Details |
40 bytes,
text/x-review-board-request
|
mconley
:
review+
|
Details |
Comment 2•14 years ago
|
||
Comment 3•12 years ago
|
||
Comment 4•12 years ago
|
||
Comment 7•12 years ago
|
||
Comment 9•12 years ago
|
||
Comment 10•12 years ago
|
||
Comment 11•12 years ago
|
||
Comment 12•11 years ago
|
||
Comment 13•11 years ago
|
||
Assignee | ||
Comment 14•9 years ago
|
||
Assignee | ||
Comment 15•9 years ago
|
||
Assignee | ||
Comment 16•9 years ago
|
||
Assignee | ||
Comment 17•9 years ago
|
||
Assignee | ||
Comment 18•9 years ago
|
||
Assignee | ||
Comment 20•9 years ago
|
||
Comment 21•9 years ago
|
||
Comment 22•9 years ago
|
||
Comment 23•9 years ago
|
||
Updated•9 years ago
|
Comment 24•9 years ago
|
||
Comment 25•9 years ago
|
||
Assignee | ||
Comment 26•9 years ago
|
||
Assignee | ||
Comment 27•9 years ago
|
||
Assignee | ||
Comment 28•9 years ago
|
||
Assignee | ||
Comment 29•9 years ago
|
||
Assignee | ||
Comment 30•9 years ago
|
||
Assignee | ||
Comment 31•9 years ago
|
||
Assignee | ||
Updated•9 years ago
|
Assignee | ||
Comment 32•9 years ago
|
||
Assignee | ||
Comment 33•9 years ago
|
||
Updated•9 years ago
|
Comment 34•9 years ago
|
||
Comment 35•9 years ago
|
||
Comment 36•9 years ago
|
||
Assignee | ||
Comment 38•9 years ago
|
||
Assignee | ||
Updated•9 years ago
|
Assignee | ||
Comment 39•9 years ago
|
||
Assignee | ||
Comment 40•9 years ago
|
||
Assignee | ||
Comment 41•9 years ago
|
||
Assignee | ||
Comment 42•9 years ago
|
||
Assignee | ||
Comment 43•9 years ago
|
||
Assignee | ||
Comment 44•9 years ago
|
||
Assignee | ||
Comment 46•9 years ago
|
||
Comment 47•9 years ago
|
||
Comment 48•9 years ago
|
||
Comment 49•9 years ago
|
||
Comment 50•9 years ago
|
||
Assignee | ||
Updated•9 years ago
|
Comment 51•9 years ago
|
||
Assignee | ||
Comment 52•9 years ago
|
||
Comment 53•9 years ago
|
||
Assignee | ||
Comment 54•9 years ago
|
||
Comment 55•9 years ago
|
||
Comment 56•9 years ago
|
||
Comment 57•9 years ago
|
||
Comment 58•9 years ago
|
||
Assignee | ||
Comment 59•8 years ago
|
||
Updated•6 years ago
|
Updated•5 years ago
|
Comment 60•5 years ago
|
||
I believe the heuristic needs to include an active Media Capture session. When the user entrusts the site with "permanent" access to the microphone and/or camera, the site no longer requires an interaction before it can launch a Media Capture session (e.g., WebRTC call).
Under the current definition of activity a click or a keypress is required, which consequently means that if the person is participating in a WebRTC call, they can accidentally leave an active call by pressing F5 key, or closing the wrong tab, for example. Furthermore, the presence of onbeforeunload prompt will be inconsistent between sessions (the first time, user might see it because they have muted their audio prior to accidentally closing the tab, then the second time they would not see the prompt, as they haven't interacted with the page, leading them to believe that the site is at fault for not showing the prompt).
If the check for an active Media Capture session doesn't seem sufficient, session duration check may also be added. For example, a minimum session duration of 10 seconds may be used. This would allow users to quickly close the tab if they see content that they don't expect to see, while still preventing accidental reloads that may lead to loss of data. An example of such data loss is a file transfer via RTC Data Channel, when a reload would reset the download progress, potentially leading to irrecoverable loss of data, if for example the transfer was initiated by sender pasting a screenshot from the clipboard.
This proposal is cross-posted on WebKit and Chromium bug trackers.
Assignee | ||
Comment 61•5 years ago
|
||
(In reply to Xeos from comment #60)
I believe the heuristic needs to include an active Media Capture session. When the user entrusts the site with "permanent" access to the microphone and/or camera, the site no longer requires an interaction before it can launch a Media Capture session (e.g., WebRTC call).
Under the current definition of activity a click or a keypress is required, which consequently means that if the person is participating in a WebRTC call, they can accidentally leave an active call by pressing F5 key, or closing the wrong tab, for example. Furthermore, the presence of onbeforeunload prompt will be inconsistent between sessions (the first time, user might see it because they have muted their audio prior to accidentally closing the tab, then the second time they would not see the prompt, as they haven't interacted with the page, leading them to believe that the site is at fault for not showing the prompt).
If the check for an active Media Capture session doesn't seem sufficient, session duration check may also be added. For example, a minimum session duration of 10 seconds may be used. This would allow users to quickly close the tab if they see content that they don't expect to see, while still preventing accidental reloads that may lead to loss of data. An example of such data loss is a file transfer via RTC Data Channel, when a reload would reset the download progress, potentially leading to irrecoverable loss of data, if for example the transfer was initiated by sender pasting a screenshot from the clipboard.
This proposal is cross-posted on WebKit and Chromium bug trackers.
This is best handled as a new bug instead of posting here. Can you file a new bug and also link to the tickets you filed with chromium and webkit?
Description
•