From 23e6347c1cd19b50d9c356fefb6f1800330868f1 Mon Sep 17 00:00:00 2001
From: Anssi Kostiainen <anssi.kostiainen@gmail.com>
Date: Thu, 10 Oct 2024 13:07:23 +0300
Subject: [PATCH] Define 'max length' and 'max duration' normatively

Mitigates fingerprinting and tracking vectors that rely on
inconsistencies across devices per W3C Security review
recommendation:

https://github.com/w3c/security-request/issues/71

Note: max duration is expressed in milliseconds.
---
 index.html | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/index.html b/index.html
index 03eac7c..278effc 100644
--- a/index.html
+++ b/index.html
@@ -144,8 +144,7 @@ <h2>
             </li>
           </ol>
         </li>
-        <li>Let <var>max length</var> be an implementation-dependent maximum
-        length of <var>pattern</var>.
+        <li>Let <var>max length</var> have the value 10.
           <div class='note'>
             If the length of a pattern is greater than max length an
             implementation of this API could consider breaking the request
@@ -170,8 +169,7 @@ <h2>
             point.
           </div>
         </li>
-        <li>Let <var>max duration</var> be an implementation-dependent maximum
-        duration for a single vibration entry in a <var>pattern</var>.
+        <li>Let <var>max duration</var> have the value 10000.
         </li>
         <li>For each entry in <var>pattern</var> whose value is greater than
         <var>max duration</var>, set the entry's value to <var>max