From 172e3589ec8cdcc1f87fde4d101cbf37b451002e Mon Sep 17 00:00:00 2001 From: pes10k <76526+pes10k@users.noreply.github.com> Date: Wed, 17 Jul 2024 13:53:02 -0700 Subject: [PATCH] draft of error handling question, fixes #137 (#140) --- index.bs | 36 +++++++++++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/index.bs b/index.bs index 8b57f2e..daeb4d4 100644 --- a/index.bs +++ b/index.bs @@ -826,6 +826,37 @@ the document will have sticky activation forever, even after the user navigated away and back to it again. +

+ Does your spec define when and how new kinds of errors should be raised? +

+ +Error handling, +and what conditions constitute error states, +can be the source of unintended information leaks and privacy vulnerabilities. +Triggering an error, +what information is included with (or learnable by) the error, +and which parties in an application can learn about the error can all +effect (or weaken) user privacy. +Proposal authors should carefully think +through each of these dimensions to ensure that user privacy and security are +not harmed through error handling. + +A partial list of how error definitions and error handling can put +users at risk include: + +- If your spec defines an error state based whether certain system resources + are available, + applications can use that error state as a probe to learn + about the availability of those system resources. + This can harm user privacy + when user agents do not intend for applications to learn about those system + resources. +- Specs often include information with error objects that are intended to help + authors identify and debug issues in applications. + Spec authors should + carefully think through what information such debugging information exposes, + and whether (and which) actors on a page are able to access that information. +

What happens when a document that uses your feature gets disconnected?

@@ -880,11 +911,6 @@ content the user was interacting with, and so whether assistive technology was being used.

- - - - -

What should this questionnaire have asked?
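
Review bot: In the first hunk (@@ -826,6 +826,37 @@), the new paragraph's "can all effect (or weaken) user privacy" should use "affect", since the sentence is about influencing privacy rather than bringing it about. In the same hunk, the first bullet's "based whether certain system resources are available" is missing "on", and the list lead-in "A partial list of how error definitions and error handling can put users at risk include:" needs "includes" to agree with "list". The second bullet's "what information such debugging information exposes" repeats itself; "what such debugging information exposes" reads more cleanly. The paragraph names three dimensions (triggering the error, the information carried by it, and which parties can learn about it), so it would help readers if each bullet said which dimension it illustrates.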
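
Review bot: In the second hunk (@@ -880,11 +911,6 @@), the five removed lines before "What should this questionnaire have asked?" show as empty and are unrelated to the error handling question named in the subject. Either mention the whitespace cleanup in the commit message or move it to its own commit so the change for #137 stays easy to review and revert.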