Google Chrome is making changes to how the Gamepad API works. As a result, Chrome now requires a secure context for the Gamepad API to function as desired. TheWindowsClub has come across a new web browser policy behind chrome://flags starting with Chrome 86 Canary for Mac, Windows, Linux, Chrome OS, Android platforms. This way, Chrome wants to restrict ‘insecure’ Gamepad access.
Restrict gamepad access in Google Chrome
The Gamepad API allows web apps to directly act on gamepad data. It also enables access and response to signals from a gamepad and other game controllers.
Meanwhile, Chrome is working with Mozilla and other web browser makers to make this a standard policy to achieve a secure context with Gamepad controllers. Enabling this experimental flag enables feature policy and secure context restrictions on the Gamepad API. Here’s what it means:
Restricting the Gamepad API to secure context means one thing: Chrome will essentially force the Gamepad API to only work with HTTPS websites. In other words, Chrome will render Gamepad controllers useless on non-HTTPS websites. Chrome and other browsers will show a developer console warning if the API is called from a less secure (HTTP) context.
How to enable the Restrict gamepad access flag
- Open Chrome Canary
- Open chrome://flags
- Locate Restrict gamepad access
- Set the flag to Enable immediately when a tab is hidden using the drop-down menu
- Relaunch Chrome
Mozilla is planning to make a secure context for .getGamepads() mandatory by default starting Firefox 81. Aiming to avoid significant code breakage, Mozilla says calling .getGamepads() will return an empty array.
As of now, Firefox developer console shows a warning when .getGamepads() method is called from insecure contexts.