Chromium uses UserGestureIndicators to identify when we believe a user is actively trying to interact with a web page, and restricts certain sensitive operations (pop-ups, fullscreen, geolocation requests, etc.) to being permitted only during such a user gesture. I filed
this intervention to track getting our current UserGestureIndicator behavior written up as a proper intervention. I don't know all the history here, and how it relates to existing specs and behavior in other browsers.
This behavior has never been fully thought through for touch input, and we have a
high-profile issue where some ads are activating on the touchend from a touch scroll in Chrome (where Safari just ignores such calls to window.open).
I'm
proposing an intervention to tighten up our user gesture behavior for touch, at least (for now) in the case of cross origin iframes. Basically only touch events which represent a tap should be considered as user gestures.
Feedback (here or in
the doc) is appreciated. Is there guidance written somewhere on "intent to intervene" threads? I'd like to send one (or maybe it's just a deprecate-and-remove thread) out soon, starting with adding use counters and deprecation messages. I've got a prototype CL for this which I'll share soon after I've tested it some more.
Thanks,
Rick