How to block sites from requesting Idle Detection API permissions in Chrome
Google introduced a controversial API in Google Chrome 94 this month. Called Idle Detection API, it allows sites to query the device to find out whether it is idle or in active use. A device enters idle state if it is not used actively for a period; the API can request the idle state of components or events, such as the keyboard, mouse or screensaver.
Google suggests that sites could use it for a number of useful applications, such as revealing if contacts in chat are available, to reset Kiosk systems automatically after a period, or to run expensive computations only if the user is not idle.
Critics of the Idle Detection API, Mozilla and Apple specifically, point out that it has the potential for abuse. While it is true that users need to give permissions to sites before access to the Idle Detection API is granted, sites may convince users to give the permission. Engineers of the companies believe that the API may be abused for dark usage patterns or to run expensive computations when the device is idle.
Mozilla and Apple decided that Firefox and Safari won't support the Idle Detection API, at least not in its current form. Chrome users, and those running Chromium-based browsers, will get the API. Some companies may disable it in their browsers, others may not.
Chrome is a prime example. The API is already implemented in Chrome 94 Stable, and users may see requests by sites to give them permission. The default setting is set to "ask", which means that sites will request permission from the user each time a site is visited. Sites may be blacklisted or whitelisted, to block them permanently or allow access to the API without requests.
Chrome users may block all requests automatically by switching the default state of the site permission. Sites requests will be denied automatically if the switch is being made. The same setting may also work in other Chromium-based browsers who have implemented the API and have not disabled it.
Here is what needs to be done:
- Load chrome://settings/content/idleDetection in the web browser's address bar.
- Switch the Default behavior state from "Sites can ask to know when you're actively using your device" to "Don't allow sites to know when you're actively using your device".
Chrome won't display permission request prompts anymore once the change has been made. Just flip the preference again if you need to reset it. Another option that you have is to add sites to the allow list, as these may then use the API without request prompt.
Now You: what is your opinion on the Idle Detection API? (via Techdows)Advertisement