[Webkit-unassigned] [Bug 152299] [Privileged Contexts] Enable opt-in to DeviceOrientation and DeviceMotion for HTTPS-based iframes

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Mar 22 10:09:53 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=152299

Jono Brandel <jono at with.in> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jono at with.in

--- Comment #16 from Jono Brandel <jono at with.in> ---
The `allow-device-sensors` has use cases far more integral than advertising purposes. I work at a company where we create, host, and distribute 360 videos, https://with.in/. All of our content runs off of a CDN https://player.with.in/

When we iframe our video player on our site ( e.g: https://with.in/watch/the-possible-speed-machine/ ) we get the CORS cross-domain error because it's a different subdomain. In this case I am the owner of both and feel that the developer has a right to decide which features may trickle down.

Because of the volume of our viewership, it is paramount that we host these massive files on a CDN. Our work around is to offer a touch version for our iOS visitors, whereas visitors on Android get deviceorientation events.

Also, for what it's worth the `allow-device-sensors` is stylistically a similar solution to `allowfullscreen` attributes on iframes.

I hope you'll consider merging Rich's patch into Webkit!

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170322/ba30d0f0/attachment.html>


More information about the webkit-unassigned mailing list