Unrestricted WebHID in IWA context
Unrestricted WebUSB (explainer, crbug) allows for unfettered access to protected classes and blocklisted devices. It would make sense to enable the same capability for WebHID as well.
The WebHID specification blocks certain protected device classes, particularly keyboards and mice, for security reasons. Granting a website direct, low-level access to these devices could enable malicious actors to perform actions like keylogging or spoofing user input, creating a severe security risk.
To better understand the proposal and its potential benefits, it would be helpful to learn more about the specific applications you have in mind.
Could you elaborate on:
- What are the key applications or use cases that would be enabled by an "Unrestricted WebHID" capability?
- Which specific protected HID usage pages/usages or blocklisted devices are you interested in accessing?
> Granting a website direct, low-level access to these devices could enable malicious actors to perform actions like keylogging or spoofing user input, creating a severe security risk.
As far as I understand, this is a strict subset of what has already been made possible by Unrestricted WebUSB, whose security consideration is clarified in the explainer I quoted. Also note that this proposal applies to IWA context only, gated behind a manifest policy in line with its USB counterpart.
Are you seeing any additional risk not already in Unrestricted WebUSB that I may have overlooked?
> - What are the key applications or use cases that would be enabled by an "Unrestricted WebHID" capability?
> - Which specific protected HID usage pages/usages or blocklisted devices are you interested in accessing?
It could be useful for forwarding devices for remote control, or when the user does want a keylogger (such as something like Draftback that works outside GDocs as well). I am thinking about input devices like keyboard/mouse.