Javascript
Web development

User Gesture Restricted Web APIs

API can only be initiated by a user gesture — what does this error mean, and how can you fix it?

ByAnna Azzam
Published on

When dealing with Web APIs, you come across this error:

API can only be initiated by a user gesture

Why does this error happen, and what exactly does it mean?

Why does this happen?

This error means that the API which you are trying to call cannot just be called in your code, it needs to be initiated by a user gesture.

Let’s use the Fullscreen API as an example. This Web API has a method Element.requestFullscreen() which places the target element and the entire browser’s web page into fullscreen mode.

Below is an example of calling requestFullscreen as soon as the page loads:

window.addEventListener("DOMContentLoaded", (event) => {
  document.body.requestFullscreen();
});

This code will not work, as the action is not initiated by a user gesture. This limitation is applied so that you cannot force a website to display in fullscreen mode — you can only enter fullscreen mode via a user gesture or action.

The primary reason behind this limitation is for security reasons — imagine if videos could automatically play without you choosing to play them, or malicious websites could take your entire screen as soon as you visit the webpage. Restricting these API methods to user gestures ensures that they are intended by the user.

What should I do instead?

To fix this type of error, the API method needs to be called in the event listener for a user action, such as a click orkeydown event.

Here’s an example where we are calling requestFullscreen once a button is clicked to fix our error above:

window.addEventListener("DOMContentLoaded", (event) => {
  const button = document.getElementById("btn");
  button.addEventListener("click", () => {
    document.body.requestFullscreen();
  });
});

Valid user gestures include:

  • change
  • click
  • contextmenu
  • dblclick
  • mouseup
  • pointerup
  • reset
  • submit
  • touchend

Events such as mousemove or mouseenter are not valid user gestures.

Conclusion

In conclusion, for security reasons, browsers prevent certain scripts from running unless triggered by a user action. This applies to methods other than Fullscreen as well, such as playing video or audio via HTMLMediaElement.play().

Hope this helped!

Enjoyed this article?

Share it with your network to help others discover it

LinkedIn logo for sharing a link
Twitter logo for sharing a linkReddit logo for sharing a link

Continue Learning

Discover more articles on similar topics

JavaScript: New Features of 2023 and Expectations for 2024

The present and the future through (Before/After) examples

Javascript

How to Detect Arrow Key Presses in JavaScript?

A guide on how to detect arrow key presses in JavaScript.

JavaScriptProgrammingWeb Development

Make your own YouTube Downloader

YoutubeYoutube downloaderJavascript

3 Ways To Store Data in the Browser

Cookies, local storage, and session storage

DataJavascriptBrowser

Infinite Currying in JavaScript

A tutorial on how to implement infinite currying in JavaScript.

JavascriptCurryingFunctional-programming

Build a Shopping Cart with Next.js 14 Server Actions

Creating a user-linked shopping cart using server actions with Vercel KV and Next-Auth.

NextjsReactTypescript