diff --git a/source b/source index ab399ac5e70..e8243b52718 100644 --- a/source +++ b/source @@ -72499,62 +72499,106 @@ END:VCARD

Processing model

-

A user interaction activates a Window object - W if either:

- +

When a user interaction in a browsing context B causes firing of an activation triggering input events in that context, it + activates the Window objects in all ancestor browsing contexts of B (including + the one in B itself). The UA activates all relevant Window objects before + it dispatches the input event to any EventTarget.

The user activation state of a Window object W consists of two boolean flags, both of which are initially set to false:

+ -

The propagation of the transient activation flag in the frame tree - is assymetric between setting vs resetting of the flag. A user interaction with a frame - F sets the flag in the Window object of each ancestor frame of - F (including F itself). However, an activation-consuming - API call in the context of the Window object of frame of F resets - the flag in all Window objects across the whole frame tree. This prevents - multiple calls to an activation-consuming API even when the frame hierarchy - is deep.

+
+ +
Expiration of transient activation
+ +
+ +

The UA sets the transient activation flag to false after a UA-defined expiry + time has elapsed since the last time W was + activated.

+ +

The expiry time has to be at most a few seconds so that the user can possibly + perceive the link between an interaction with a page and the page opening a popup, for + example.

+ +

The UA can possibly implement the expiration of transient activation + flag through time-stamping: the UA would have an internal time-stamp field in user + activation state which is updated to current time-stamp every time W is + activated. Then every time the transient activation + flag is checked, the UA would return true iff current time-stamp is less than the stored + time-stamp plus the expiry time.

+ +
+ +
Consumption of transient activation
+ +
+ +

The UA sets the transient activation flag to whenever any script in the page + makes a call to an activation consuming API such as window.open().

+ +

Note the assymetry between setting the transient activation + flag to true and false from the perspective of the browsing contexts of the page. A user interaction with a Window + object W sets to true the transient activation flags in only the ancestor browsing contexts of W. However, + a consumping in W sets to false the flags in all browsing contexts of the page (more + precisely, all descendant browsing + contexts of the top-level browsing context of W). Consuming the + flag in this manner prevents malicious sites from making multiple calls to an activation + consuming API from a single user activation (possibly by exploiting a deep hierarchy of + browsing contexts).

+ +
+ +

APIs gated by user activation

APIs that are dependent on user activation state are classified into three different levels. The levels are as follows, sorted by their "strength of dependence" on user activation (from strongest to weakest):

-
    -
  1. Transient activation consuming APIs: These APIs require the transient bit, and - they consume the bit in each call to prevent multiple calls per user activation.
  2. +
    +
    Transient activation consuming APIs
    -
  3. Transient activation gated APIs: These APIs require the transient bit but don't - consume it, so multiple calls are allowed per user activation until the transient bit - expires.
  4. +

    These APIs require the transient activation flag to be true, and they consume the flag in each call to prevent multiple + calls per user activation.

    -
  5. Sticky activation gated APIs: These APIs require the sticky activation bit, so - they are blocked until the very first user activation.
  6. -
+
Transient activation gated APIs
+ +

These APIs require the transient activation flag to be true but don't consume it, so + multiple calls are allowed per user activation until the transient bit expires.

+ +
Sticky activation gated APIs
+ +

These APIs require the sticky activation flag to be true, so they are blocked + until the very first user activation.

+ + -

Events triggering user activation

+

Input events triggering user activation
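Review bot: The added sentence under "Consumption of transient activation" reads "The UA sets the transient activation flag to whenever any script in the page makes a call to an activation consuming API", so the value is missing. Since this is the step that prevents repeated calls from a single activation, it should say "to false" explicitly. In the note that follows, "all descendant browsing contexts of the top-level browsing context of W" does not say whether the top-level browsing context itself is reset. The activation paragraph spells this out with "(including the one in B itself)", and the consumption side should be equally explicit so that the top-level Window cannot be read as keeping its flag. Smaller points in the same added text: "assymetry" should be "asymmetry", "a consumping in W" should be "a consumption in W", and "Transient activation gated APIs" still says "until the transient bit expires" although the rest of the change renames "bit" to "flag".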

@@ -72571,15 +72615,15 @@ END:VCARD data-x="dom-Event-isTrusted">isTrusted attribute is true and whose type is one of: