Intervention: ignore input events targeting recently-moved iframes.

To prevent unintended clicks/taps, quietly discard input events that target cross-origin iframes that have recently resized or moved a non-trivial distance within the embedding page's viewport.

The motivation is perhaps best conveyed by this hilarious video: We would like to prevent untrustworthy embedders from using visual bait-and-switch tactics to induce users to click or tap on a third-party iframe.



No public standards discussion

Status in Chromium


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No public signals
  • No public signals
  • No public signals
  • No signals


Last updated on 2019-06-20