Device Attributes Web API is a subset of Managed Device Web API, that provides web applications the capability to query device information (device ID, serial number, location, etc).
navigator.managed object includes managed configuration and this device attributes API. These APIs only work in managed applications and return an error in other contexts. Thus navigator.managed exposure may be reduced in the future to managed environments only. This will be done as a separate chrome feature and after an investigation with usage counters.
Frequently used with managed configuration. No performance risks.
No activation challenges for developers. API is straighforward to use. ChromeOS Admins will need to set up the force-installed or kiosk app and the allowlist policy correctly.
Please see 'Permission control' and 'privacy consideration' paragraphs in the API spec.
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
This feature does not deprecate or change behavior of existing APIs.
Verified that all five new methods show up in the DevTools Console autocomplete functionality.
Does the feature depend on any code or APIs outside the Chromium open source repository and its open-source dependencies to function?
Yes. Policy for managed devices is used to control apps that can access this API. For example, after the launch navigator.managed.getAnnotatedAssetId will be defined for 'trusted' origins (kiosk or force-installed web app), but it will return an error if origin is not allowlisted in 'DeviceAttributesAllowedForOrigins' policy.Shipping on desktop | 117 |
OriginTrial desktop last | 98 |
OriginTrial desktop first | 93 |
OriginTrial Android last | 98 |
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
Spec changes are not expected in the near future. Current spec is consistent with a similar extension API.Sergii Bykov
Software Engineer
sby...@google.com
+49 174 2575015
Google Germany GmbH
Erika-Mann-Straße 33
80636 München
Geschäftsführer: Paul Manicle, Liana Sebastian
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Diese E-Mail ist vertraulich. Falls Sie diese fälschlicherweise erhalten haben sollten, leiten Sie diese bitte nicht an jemand anderes weiter, löschen Sie alle Kopien und Anhänge davon und lassen Sie mich bitte wissen, dass die E-Mail an die falsche Person gesendet wurde.
This e-mail is confidential. If you received this communication by mistake, please don't forward it to anyone else, please erase all copies and attachments, and please let me know that it has gone to the wrong person.
On 7/4/23 5:35 AM, 'Sergii Bykov' via blink-dev wrote:
Contact emails
sby...@google.com
Explainer
https://github.com/Ananubis/WebApiDevice/blob/master/Explainer.md
Specification
https://wicg.github.io/WebApiDevice/device_attributes
Summary
Device Attributes Web API is a subset of Managed Device Web API, that provides web applications the capability to query device information (device ID, serial number, location, etc).
Blink component
Blink
TAG review
https://github.com/w3ctag/design-reviews/issues/606 There was no indication of implementation support from browsers other than Chrome. And reviewers were concerned by the risk of pervasive monitoring of employees. Privacy concerns were addressed in 'Permission control' and 'privacy consideration' paragraphs of the spec. But TAG reviewers didn't endorse adding this as a general mechanism to the Web platform.
TAG review status
Issues addressed
Risks
Interoperability and Compatibility
navigator.managed object includes managed configuration and this device attributes API. These APIs only work in managed applications and return an error in other contexts. Thus navigator.managed exposure may be reduced in the future to managed environments only. This will be done as a separate chrome feature and after an investigation with usage counters.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEBayjL7AyE-m7A90NxnKbsXUtqreD7GNH5qWSy4ydSpv3_4AQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/c6761cdc-aadb-ca8a-6dae-95a4f34f0043%40chromium.org.
On Jul 27, 2023, at 21:23, 'Sergii Bykov' via blink-dev <blin...@chromium.org> wrote:
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEBayj%2B%2BYTkmO5Jfqur_GHiXQTmRw3sKfStiQ4A1YWPLn1pCqw%40mail.gmail.com.
Hello Reilly, colleagues,I replied to #11 in the thread and made a small pull request to the explainer (directory id promise can also resolve as undefined).
For #6 I will replace 'trusted' applications with 'managed' applications tomorrow.But I'm trying to figure out what to do with the others.#1 was addressed previously. There is a section "What are trusted applications" that explains it.Is there something else I should specify?
For Jeffrey's question in #2:"I think ChromeOS has decided to give the user notice when these APIs are enabled. Can you add example screenshots to the explainer, and possibly the specification, to illustrate that privacy solution?"I checked the implementation in the chromium code and I don't see any triggers for a notification.
Current decision with the privacy team is that device attributes will only return valid results if called in a force installed app (including kiosk) and the origin is listed in DeviceAttributesAllowedForOrigins policy.These are implementation details. Should I still add them to the explainer? As an impl example section?
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEBayj%2BzuTzfe%2B6ecn8hAWP%3D6jY0-b9-wdeATKneDit4SCQFUg%40mail.gmail.com.
LGTM2
/Daniel
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw_SCBxADg9SKC1BejVJdkinDcyTADh4yhF7ezC%2BkOdTKw%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/f42de963-0fbc-8480-186c-36f9347985ce%40gmail.com.