diff --git a/index.html b/index.html index 0ef0762..e7f6004 100644 --- a/index.html +++ b/index.html @@ -872,21 +872,101 @@

  • [=Apply orientation lock=] `null` to |topDocument|.
    • +

    + Rejecting descendant document orientation promises +

    +

    + To reject descendant document orientation promises for a + {{Document}} |document|, the [=user agent=] MUST: +

    +
      +
    1. If |document| is not a [=top-level browsing context=]'s + [=navigable/active document=], abort these steps. +

      + Only top-level documents have descendant navigables to process. +

      +
      2. +
    2. Let |descendantDocs| be an [=ordered set=] consisting of + |document|'s [=Document/descendant navigables=]'s [=navigable/active + documents=], if any, in tree order. +
      3. +
    3. [=Set/For each=] |descendantDoc:Document| in |descendantDocs|: +
        +
      1. If |descendantDoc| is not [=same origin=] with |document|, + continue. +

        + Only same-origin descendant documents are processed to prevent + cross-origin documents from detecting orientation lock states + of their embedding documents, which could be used for timing + attacks or fingerprinting. +

        +
        2. +
      2. If |descendantDoc|'s {{Document/[[orientationPendingPromise]]}} + is not `null`, [=reject and nullify the current lock promise=] of + |descendantDoc| with an {{"AbortError"}}. +
        3. +
      +
      4. +

    Interaction with Fullscreen API

    +

    + A user agent SHOULD restrict the use of {{ScreenOrientation/lock()}} to + documents that meet the fullscreen pre-lock condition as a + [=pre-lock condition=]. [[fullscreen]] +

    +

    + A {{Document}} |document| meets the [=fullscreen pre-lock condition=] + if any of the following are true: +

    +
      +
    1. |document| has a [=fullscreen element=]. +
      2. +
    2. |document| has its [=pending fullscreen request flag=] set. +
      3. +
    3. |document| is [=same origin=] with its [=top-level browsing + context=]'s [=navigable/active document=], and that [=top-level + browsing context=]'s [=navigable/active document=] meets one of the + above conditions. +
      4. +
    +

    + The third condition allows same-origin iframes to lock the screen + orientation when their parent document is in fullscreen or has + requested fullscreen. This prevents cross-origin documents from + detecting the fullscreen state of their embedding document. +

    A user agent MUST restrict the use of {{ScreenOrientation/lock()}} to simple fullscreen documents as a [=pre-lock condition=]. This requirement prevents fingerprinting through differences in user agent behavior regarding orientation locking permissions. [[fullscreen]]

    +

    - When a [=document=] exits fullscreen, it also runs the [=fully unlock - the screen orientation steps=]. [[fullscreen]] + [=promise/React=] to a [=document=] |doc|'s [=pending fullscreen + request promise=]. When the promise is [=reject|rejected=], run the + following steps:

    +
      +
    1. If |doc|'s {{Document/[[orientationPendingPromise]]}} is not + `null`, [=reject and nullify the current lock promise=] of |doc| with + an {{"AbortError"}}. +
      2. +
    2. [=Reject descendant document orientation promises=] for |doc|. +
      3. +