Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit the precision of floating point event fields #517

Open
jyasskin opened this issue Sep 5, 2024 · 2 comments
Open

Limit the precision of floating point event fields #517

jyasskin opened this issue Sep 5, 2024 · 2 comments
Labels
v3-blocking

Comments

@jyasskin
Copy link
Member

jyasskin commented Sep 5, 2024

There's a history of factory calibration information being used to fingerprint individual devices. I haven't investigated whether this is possible on common pointing devices, but as a precaution, would it make sense to establish a normative limit on the precision of the fields in pointer events, similar to what was done for deviceorientation and accelerometer? See w3c/deviceorientation#86, which limited angle measurements to 0.1 degrees.
@jyasskin jyasskin mentioned this issue Sep 5, 2024
Closed
@mustaqahmed
Copy link
Member

Looks like we should be fine with a 0.01 precision in all of these double attributes and the inherited coordinates. Or maybe even 0.1 in some cases. Thoughts?

We don't need to "downgrade" the IDL types to float, do we?

@jyasskin
Copy link
Member Author

jyasskin commented Sep 5, 2024

I think float fields are also vulnerable to this problem, so they should also be limited, and there's no need to consider changing doubles to floats.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
v3-blocking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jyasskin @patrickhlauke @mustaqahmed