[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Public WebGL] Re: PSA: fullscreen only over HTTPS

There is an ongoing discussion on this topic on
. I'd encourage you all to provide your feedback there.


On Sat, May 2, 2015 at 11:03 AM, Florian Bösch <pyalot@gmail.com> wrote:
> I have polled a client of mine which has a small web property that contains
> a WebGL widget which does include a fullscreen button.
> Here is what I wrote that client:
>> I'd like to inform you that it's likely that the fullscreen button will
>> break in google chrome and firefox in the forseeable future (mid 2015-2016).
>> For security reasons browsers want to disable fullscreen if you are not
>> serving the website over HTTPS.
>> Starting mid 2015 a new SSL Certificate Authority will offer free
>> certificates (https://letsencrypt.org/)
>> Do you think you could host your site over HTTPS to prevent the fullscreen
>> button breaking? If required, I could also remove the fullscreen button.
> The clients response below:
>> I appreciate the heads up.
>> Redesigning our site to use HTTPS is probably possible but I currently do
>> not have time and resources to undertake that task.
>> Would it be possible to let me know when you get the information that the
>> first production Chrome or Firefox is released?  At that time I can
>> certainly disable the fullscreen function myself as this is real easy to do
>> in your .js file.
> I quote this conversion because precisely this scenario is what is going to
> play out across countless web properties once fullscreen is put behind
> The practice will be that some features can just not be used anymore. That's
> all there is to it.

You are currently subscribed to public_webgl@khronos.org.
To unsubscribe, send an email to majordomo@khronos.org with
the following command in the body of your email:
unsubscribe public_webgl