xdg-activation: temporarily disable source surface verification
71451173 validates the xdg-activation token more strictly by verifying
the source surface attached to the token. That improves the security by
preventing arbitrary focus-stealing.
However, not all clients attach a right source surface to the token or
use the received token for activation. For example, when a notification
client requests thunderbird to activate its window, thunderbird doesn't
use the token passed by the notification client and instead use their own
token, thus the activation is rejected as the surface attached to the
token is not focused.
We will add options to configure the policy for activation requests or
implement urgency hint in some way in the future and reland the source
surface verification.
projects / proto / labwc.git / commit