惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Securelist
C
CERT Recently Published Vulnerability Notes
Forbes - Security
Forbes - Security
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
L
LINUX DO - 最新话题
The Hacker News
The Hacker News
Google Online Security Blog
Google Online Security Blog
SecWiki News
SecWiki News
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
The Last Watchdog
The Last Watchdog
S
Schneier on Security
T
Troy Hunt's Blog
N
News | PayPal Newsroom
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Schneier on Security
Schneier on Security
P
Privacy & Cybersecurity Law Blog
T
Tor Project blog
T
Threatpost
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
A
Arctic Wolf
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Security Latest
Security Latest
Scott Helme
Scott Helme
Security Archives - TechRepublic
Security Archives - TechRepublic
Latest news
Latest news
PCI Perspectives
PCI Perspectives
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Hacker News - Newest:
Hacker News - Newest: "LLM"
L
LINUX DO - 热门话题
P
Palo Alto Networks Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
G
GRAHAM CLULEY
V2EX - 技术
V2EX - 技术
Google DeepMind News
Google DeepMind News
Project Zero
Project Zero
V
Vulnerabilities – Threatpost
T
Threat Research - Cisco Blogs
Webroot Blog
Webroot Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
大猫的无限游戏
大猫的无限游戏
T
Tenable Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
Visual Studio Blog
H
Hacker News: Front Page
Simon Willison's Weblog
Simon Willison's Weblog
AWS News Blog
AWS News Blog

Recent Commits to webappsec-permissions-policy:main

Add WebMCP link to features.md · w3c/webappsec-permissions-policy@c10c76d Add WebMCP link to features.md · w3c/webappsec-permissions-policy@10d8736 Add `monetization` feature (#571) · w3c/webappsec-permissions-policy@876a190 Add Permissions Policy for Digital Credentials Issuance (#573) · w3c/webappsec-permissions-policy@29efab0 [focus-without-user-activation] Add alternative solutions (#563) · w3c/webappsec-permissions-policy@298d386 Add proposed features from Chrome's Built-In AI APIs (#570) · w3c/webappsec-permissions-policy@4de8724 Replace `shared-autofill` with `autofill` and `manual-text` (#560) · w3c/webappsec-permissions-policy@6f3b837 Do not use request's window concept (#565) · w3c/webappsec-permissions-policy@20ab675 Merge pull request #559 from shhnjk/main · w3c/webappsec-permissions-policy@e9edeb5 Put PermissionsPolicyViolationReportBody/allowAttribute back · w3c/webappsec-permissions-policy@1c37e68 Update index.bs · w3c/webappsec-permissions-policy@7c8ed48 Nit · w3c/webappsec-permissions-policy@173adc5 add allow and src attribute to potential permissions policy violation · w3c/webappsec-permissions-policy@bb175d2 Add `ch-ua-high-entropy-values` feature (#558) · w3c/webappsec-permissions-policy@8430c86 Send reports for Permissions Policy violations in iframe to parent fr… · w3c/webappsec-permissions-policy@314ffc9 Add `storage-access` feature · w3c/webappsec-permissions-policy@c73ef39 Add 'deferred-fetch' as proposed feature · w3c/webappsec-permissions-policy@dedd81f Add mediasession feature · w3c/webappsec-permissions-policy@8ef8664 Clarify picture-in-picture shipping status · w3c/webappsec-permissions-policy@1d05f5e
focus-without-user-activation: Add missing HTML closing quote in exam… · w3c/webappsec-permissions-policy@b5dde2c
silverwind · 2025-05-07 · via Recent Commits to webappsec-permissions-policy:main
Original file line numberDiff line numberDiff line change

@@ -45,7 +45,7 @@ has been triggered by user activation.

4545
4646

To disable the feature for a specific `<iframe>`, the `allow` attribute can be used:

4747

```HTTP

48-

<iframe src="..." allow="focus-without-user-activation 'self'></iframe>

48+

<iframe src="..." allow="focus-without-user-activation 'self'"></iframe>

4949

```

5050

which would block use of focus (without activation) for the document inside the `<iframe>`

5151

unless it is a same-origin document.