I've searched for reasons and couldn't find much. The fact that a website can know where a browser window is located (window.screenX/window.screenY) and that clicks position can be reported in that coordinate system sounds insane for a desktop. TOR Browser seems to spoof screenX and screenY to avoid fingerprinting.
Has anyone seen good use-cases for that feature? I'm thinking about dual window applications that interacts with each other (I think I saw a demo of something like this a while ago on HN but I wasn't able to find it again), or sites where behavior depends on their location on the virtual screen.
Back in html 4 days we did this shenanigans all the time. I worked on very over the top sites that played with multiple windows talking to each other and moving in synchrony. I’ve tried looking for examples on archive.org (eg I know we did this a ton on flash heavy sites like design museum in London ) but alas the ones I was looking for a broken in that archive.
If you're reacting to click events, you might want to know the coordinates of where you're clicking. I mostly use this for click and drag stuff since you can get the delta between events and update position of the thing being dragged.
As for why they're checking for coordinates instead of checking for event.type is beyond me. Still I appreciate the write up, it is a good puzzle and relatable to come across code you didn't write and ask, why is it important that the click coordinate is nonzero? Why can't we just check that event.target is the button we want to activate? Why are we using JavaScript at all when a details/summary tag would do the same job?
Relative coordinates sure, but why would you need the absolute position?
I'm with you on the second point - as unlikely as it is for the click to occur at the origin, it's still a legitimate value being abused as an indicator of something that might not actually be true - quite frankly the code was bad to begin with, and it was still bad after the fix.
Uh. So they can keep track of what the user is doing?
Why would you just send a document when you can generate a heat map of where the user is on your website. And then complain about the performance and wonder why it costs so much to run a modern website.
The issue isn't so much the coordinate of the mouse within a page, but that the coordinates are relative to the virtual screen layout. It describes where your window is located on the screen(s) and the click is expressed in screen coordinates. Mapping those coordinates to your website's renderer coordinates requires additional calculation.
layerX[1] while non-standard is supported and returns a position relative to the top of the page or the top of the parent element. This makes coordinates positive only and 50,50 is the same for all users. For screenX, 3000,1567 is the same coordinate as 15,37 depending on where the window is located.
