Calls to navigator.vibrate will immediately return 'false' if user hasn't tapped on the frame or any embedded frame yet. The Vibrate API is being abused by malicious sites. This extends what we do for cross-origin iframes to all frames including top-level page. See https://www.chromestatus.com/features/5682658461876224.
Docs: https://github.com/WICG/interventions/issues/47 https://developer.mozilla.org/en-US/docs/Web/API/Navigator/vibrate