Wiki · Concept · Last reviewed June 25, 2026

User Activation

User Activation is the HTML browser state that records trusted user interaction so sensitive web APIs can distinguish a recent gesture from ordinary script execution.

Definition

User Activation is the HTML Standard mechanism for tracking whether a window has received a trusted interaction. Some APIs can be annoying or abusive if script can call them at any time, so user agents gate them on active or prior interaction with the page. Popups and vibration are named examples in the HTML text, but the same pattern appears across payment, device, file, media, clipboard, sharing, and storage APIs.

The model is not a permission grant. It is a browser-side state signal. A page can have activation and still be malicious, and a page can lack activation while being legitimate. Activation answers a narrower question: did trusted interaction recently happen, or has one happened in this window before?

How It Works

The HTML Standard defines sticky activation, transient activation, and history-action activation. Sticky activation records whether the user has ever interacted with the window. Transient activation records recent interaction for a short period. The standard says the transient duration is expected to be at most a few seconds, and some APIs can consume transient activation so one gesture cannot unlock repeated protected calls.

Activation starts from trusted input events such as qualifying keyboard, mouse, pointer, and touch events. The trusted part matters: a scripted element.click() fires a synthetic event with the not-trusted flag, so clicking a button from script is not equivalent to the user pressing it.

The platform exposes navigator.userActivation. Its hasBeenActive property reflects sticky activation, and isActive reflects transient activation. MDN lists APIs gated by transient activation, including clipboard access, storage access, device pickers, Web Share, file pickers, Payment Request, WebUSB, WebHID, and Web Serial. W3C says PaymentRequest.show() is intended to run while the relevant window has transient activation.
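As an added illustration (not code from the HTML Standard or from any browser engine), the state machine described above modelled in plain JavaScript: trusted input sets sticky and transient activation, transient activation expires after a fixed window, and a consuming API spends it. The duration constant, the event list, the injected clock and the gate() helper are assumptions made for this illustration; which real APIs consume activation is implementation-sensitive.

```javascript
// Illustrative model of per-window user activation. Browsers keep this state
// internally and expose it read-only as navigator.userActivation.
const TRANSIENT_DURATION_MS = 5000; // assumption: spec only says "at most a few seconds"
// Assumed subset of the input events the HTML Standard treats as activation-triggering.
const ACTIVATING_EVENTS = new Set(["keydown", "mousedown", "pointerdown", "pointerup", "touchend"]);

class WindowActivation {
  constructor(now) {
    this.now = now;                  // injected clock returning ms, so the model is testable
    this.hasBeenActive = false;      // sticky activation: any trusted interaction ever
    this.transientUntil = -Infinity; // transient activation: expiry timestamp
  }
  // Called when an input event is dispatched to this window. Synthetic events
  // (element.click(), dispatchEvent) carry isTrusted === false and are ignored.
  notify(event) {
    if (!event.isTrusted || !ACTIVATING_EVENTS.has(event.type)) return false;
    this.hasBeenActive = true;
    this.transientUntil = this.now() + TRANSIENT_DURATION_MS;
    return true;
  }
  get isActive() { return this.now() < this.transientUntil; } // mirrors userActivation.isActive
  // A consuming API spends the transient bit so one gesture unlocks one protected call.
  consume() {
    if (!this.isActive) return false;
    this.transientUntil = -Infinity;
    return true;
  }
}

// Gate for a protected API call; returns an audit record rather than a bare boolean.
function gate(activation, api, consuming) {
  const wasActive = activation.isActive;
  const allowed = consuming ? activation.consume() : wasActive;
  return { api, allowed, wasActive, hasBeenActive: activation.hasBeenActive };
}

// Constructed scenario: scripted click, real gesture, consumption, expiry.
function scenario() {
  let t = 0;
  const act = new WindowActivation(() => t);
  const log = [];
  log.push(act.notify({ type: "click", isTrusted: false }));  // scripted click: no activation
  log.push(gate(act, "showOpenFilePicker", false).allowed);   // denied: never activated
  act.notify({ type: "pointerdown", isTrusted: true });       // trusted gesture
  log.push(gate(act, "PaymentRequest.show", true).allowed);   // allowed, and consumed
  log.push(gate(act, "PaymentRequest.show", true).allowed);   // denied: already consumed
  act.notify({ type: "pointerdown", isTrusted: true });
  t += 6000;                                                  // past the transient window
  log.push(act.isActive, act.hasBeenActive);                  // transient gone, sticky stays
  return log;
}
```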

Agent Context

User Activation matters for AI Browsers and Computer Use because agents can operate inside pages where gestures carry security meaning. A model may click a button, execute JavaScript, drive a remote browser, or ask a user to click through a task. Those are not interchangeable events.

When an agent reaches a payment sheet, file picker, clipboard read, device chooser, share sheet, or popup, reviewers should ask whether the user knowingly caused the activation, the agent caused it through automation, or the site recycled a recent gesture. Good review separates the gesture, agent instruction, DOM event, and protected API call.

Governance Use

User activation is useful evidence in audit logs, browser automation tests, abuse investigations, and product safety reviews. It can show that a sensitive API call was close to trusted interaction or failed because no qualifying activation was present. Fetch Metadata also uses the idea in Sec-Fetch-User, a header delivered only for navigation requests when user activation is true.

For agent workflows, record the top-level origin, frame origin, focused document, activation state, event type, event trust, API called, prompt result, agent tool call, visible label, and outcome. This is better than saying the user "clicked" or the model "used the browser."

Limits

User activation does not prove consent, authorization, comprehension, age, identity, or fairness. A user can be tricked into a real click, and an agent can compress task context so the person no longer understands what their gesture will unlock. Activation should sit beside permissions, origin checks, transaction display, rate limits, and audit trails.

It is also not universal across every environment. Browser engines, automation layers, WebDriver behavior, embedded webviews, and native wrappers can differ in how activation is surfaced or tested. Product claims should cite the browser, version, frame structure, and API under review.

Review Record

Source Discipline

Claims about the core activation model should cite the HTML Standard. Claims about PaymentRequest.show() should cite the W3C Payment Request specification. Claims about Sec-Fetch-User should cite the W3C Fetch Metadata draft. Lists of gated APIs should be treated as implementation-sensitive and checked against current browser documentation.

Spiralist Reading

Spiralism reads User Activation as the browser's fragile attempt to remember a human touch. It is not moral consent, but it is a refusal to let every script pretend that a person just acted.

Agents put pressure on that refusal. The more a model can move through interfaces for us, the more important it becomes to keep the gesture, the instruction, and the authority separate.
