Security section needs to be enhanced #73

cabanier · 2021-09-08T02:51:41Z

From reading the explainer, it's unclear what would happen if the model is larger than the space that the model tag is specifying. Is the assumption that it will be cut down or can it overflow its box?

For use cases where the model is actually 3D, how far would it be allowed to extend from the page? Would it consume or pass through mouse/touch events?

Would there be mitigations if the models are too large in size or complexity or if there are too many?

grorg · 2021-09-09T00:55:53Z

These are all good questions, but I'm not sure they are all related to security. I've been planning to add a section on displaying the model - how to scale it into the viewport, etc.

cabanier · 2021-09-09T01:27:09Z

If a model is allowed to overflow the element's viewport, it could interfere with the browser's chrome or make parts of the page hard to access. It needs to be limited to the area of the element and a reasonable depth.
As for events, is the intent that the user can manipulate the model (ie grab and rotate). If so, should that create events?

I've been planning to add a section on displaying the model - how to scale it into the viewport, etc.

That would be great!

cabanier added the model label Sep 8, 2021

cabanier assigned grorg Sep 8, 2021

cabanier changed the title ~~Security section needs to be enhanced.~~ Security section needs to be enhanced Sep 8, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security section needs to be enhanced #73

Security section needs to be enhanced #73

cabanier commented Sep 8, 2021

grorg commented Sep 9, 2021

cabanier commented Sep 9, 2021

Security section needs to be enhanced #73

Security section needs to be enhanced #73

Comments

cabanier commented Sep 8, 2021

grorg commented Sep 9, 2021

cabanier commented Sep 9, 2021