Contact [email protected] Explainer https://github.com/hemeryar/explainers/blob/main/coop_restrict_properties.md
Specificationhttps://github.com/whatwg/html/issues/6364 Summary Cross-Origin-Opener-Policy is used to sever the relationship between popup and openers, to increase security. "restrict-properties" is a proposed value that restricts the relationship instead of completely severing it. It would enable crossOriginIsolated when paired with COEP. Blink componentBlink>SecurityFeature>COOP <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ESecurityFeature%3ECOOP> Motivation Developers that want their website to be crossOriginIsolated currently need to give up all relationships with popups. This makes it impossible for websites that use SSO, payments or other APIs that function via popups to be crossOriginIsolated. For these websites, we propose a new COOP value, "restrict-properties" that allows communication via postMessage and closed, while enabling crossOriginIsolated. Initial public proposalhttps://github.com/whatwg/html/issues/6364 TAG review TAG review statusPending Risks Interoperability and Compatibility*Gecko*: Firefox would like to see more developer feedback to ensure this solution suits their needs. *WebKit*: No signal *Web developers*: No signal *Other signals*: Positive feedback on the explainer from Zoom and Meta. WebView application risks None. Debuggability The new value will be plugged into COOP reporting to help developers understand the impact on their site. Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ?Yes under html/cross-origin-opener-policy/tentative/restrict-properties Requires code in //chrome?False Tracking bughttps://bugs.chromium.org/p/chromium/issues/detail?id=1221127 Estimated milestones 106 for OT. Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5072630953017344 This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAF07A2Uw-Oh0d7ktTPnV%3D8TTrr%2BNcTgfiLxzFd2P2QLD18qNsw%40mail.gmail.com.
