[whatwg] Fullscreen changes to support <dialog>

Edward O'Connor eoconnor at apple.com
Mon Apr 9 12:53:42 PDT 2012


Ojan wrote:

> Escape usually calls cancel on dialogs, no? Seems to me that if you
> have a dialog open, esc should cancel the dialog, otherwise it should
> yank all fullscreened elements.

Doesn't this suffer from the same sort of security attack that requires
us to leave all fullscreened elements on ESC?

Attacker opens fullscreen element, displays dialog, styles the dialog to
cover the entire viewport, then makes the fullscreen element into an
emulated desktop. User hits ESC, dialog goes away, and the user is left
in the emulated desktop.


Ted



More information about the whatwg mailing list