[whatwg] api for fullscreen() - security issues

Olli Pettay Olli.Pettay at helsinki.fi
Sun Jan 31 05:41:09 PST 2010


On 1/31/10 6:38 AM, Tab Atkins Jr. wrote:
> This one seems kind of weird.  Does the spec currently distinguish
> significantly between a user-initiated click and a script-initiated
> one?
>

DOM 3 Events draft does have the concept of trusted events;
UA/user generated events are trusted, script generated aren't.


-Olli


More information about the whatwg mailing list