You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Limit API Usage
Global: A global rate limit should be implemented to restrict the number of vibration requests made within a certain period (e.g., per minute or hour), preventing excessive use.
Session-Based: To prevent prolonged abuse, set session-based limits on the total vibration duration or number of vibrations that can occur during a single-user session.
Site-based: per site and subdomains
Threats and Attacks:
Draining Battery/User’s Resources DoS.
This proposal was discussed at TPAC 2024, conclusion:
We're proposing to collect data from real-world users to understand what specific values to use for global rate limit that'd restrict the number of vibration requests made within a certain period. We will propose this in a future update to the specification when we have a large number of samples available to make an informed decision.
This issue is to gather data that's help make an informed decision on the limits, including feedback from web developers and users to understand use cases that may be affected by the limits.
The text was updated successfully, but these errors were encountered:
From w3c/security-request#71:
This proposal was discussed at TPAC 2024, conclusion:
This issue is to gather data that's help make an informed decision on the limits, including feedback from web developers and users to understand use cases that may be affected by the limits.
The text was updated successfully, but these errors were encountered: