Hello Yaseen,

Sorry for not getting back earlier.

On Mon, Dec 5, 2022 at 10:05 AM Yaseen Khan <[email protected]> wrote:

> Activation - Deprecation plan
> M109: Enable "Origin Agent Cluster by Default" for 50% of page loads on
> beta, dev, and canary.
> --- As a developer, do I need to set "Origin-Agent-Cluster: ?1" as a
> header for 50% of page visits or Chromium enforcing for 50% of page
> visits from browser (means 50% ("Origin-Agent-Cluster: ?1") and another
> 50% ("Origin-Agent-Cluster: ?0"))?
>

No, you should always set the header (or remove document.domain usage). Setting the header means you instruct the browser to cluster pages by origin ("?1") (or not, "?0"), and thus the change of the default will not affect you, since you're no longer relying on the default.

Note that origin-agent clustering has been implemented for quite a while. What changes now is how the default is handled: Pages that do not explicitly request clustering to be on or off used to get the off behaviour ("?0"), and will soon get the on behaviour ("?1"). In other words, it turns from an opt-in feature into an opt-out feature.

By setting the header to off ("?0"), you request "off" behaviour - which in the past you got automatically. It's safe to always do that, since it retains current behaviour.

> I have installed M109 beta and I have not set originAgentCluster in my site
> and I can see in console "*window.originAgentCluster*" always returns
> false for all sites/pages. Could you clarify on this? How do I know
> whether Origin-Agent-Cluster enabled or not in M109?
>

M109 beta: Your observation is correct. Because of a bug found at the last minute, I have not actually enabled the feature. Unfortunately I have to delay the rollout.

> On Thursday, 27 October 2022 at 20:19:44 UTC+5:30 Daniel Vogelheim wrote:
>
>> Hello all,
>>
>> The approval for the Intent To Ship for Origin Isolation By Default /
>> Deprecate document.domain
>> <https://groups.google.com/a/chromium.org/g/blink-dev/c/_oRc19PjpFo/>
>> asks for a separate intent for the actual default change
>> <https://groups.google.com/a/chromium.org/g/blink-dev/c/_oRc19PjpFo/m/Ybgtf3JfAQAJ>.
>> This is that separate intent.
>>
>> A summary of what happened so far:
>>
>> - Shipping Origin Isolation by Default (and thereby deprecating
>> document.domain) has security benefits, but compatibility risk.
>>
>> - We added warnings to the developer console and issues panel, published
>> a blog post, and engaged in direct outreach. This has resulted in
>> substantial, measurable reduction of usage. Some sites keep using
>> document.domain, but have mitigated the deprecation with other means. This
>> makes the risk difficult to measure.
>>
>> - Sampling of sites with document.domain usage and manual inspection
>> yields a potential breakage estimate at ~0.015% of page views.
>>
>> What we're asking for here is:
>>
>> - Enable the feature at 50% for beta (+ dev + canary) during M109, as a
>> "last call" for web site authors.
>>
>> - Launch on stable on M110. (~ Feb '23, so >12 weeks out from today)
>>
>>
>> ------------------------
>>
>> Contact
>> [email protected], [email protected]
>>
>> Specification
>> Explainer: https://github.com/mikewest/deprecating-document-domain
>> HTML Spec draft: https://github.com/whatwg/html/compare/main...otherdaniel:dd
>>
>> API spec
>> Yes
>>
>> Summary
>>
>> This is a follow-on to the Intent to Ship: Origin Isolation By Default /
>> Deprecate document.domain
>> <https://groups.google.com/a/chromium.org/g/blink-dev/c/_oRc19PjpFo/>. We'd
>> like to ship this in M110, stable.
>>
>> Summary (of the underlying change)
>>
>> Change the default behavior of the
>> Origin-Agent-Cluster: header / document.domain settability.
>>
>> Presently, pages within Chromium have site-keyed agent clusters by
>> default, unless the Origin-Agent-Cluster: header is explicitly set to true.
>> This accommodates pages or frames which want to access each other's state,
>> despite being on different origins (but within a site). This is fine for
>> any pages that wish to do so, but because a page *might* set
>> document.domain later on, Chromium currently must use site-keyed agent
>> clusters for *all* pages by default even though the overwhelming majority
>> of pages do not ever make use of this (mis-)feature. In turn, this requires
>> Chromium to use sites as the basis for renderer process isolation (via Site
>> Isolation), which exposes origins to same-site but cross-origin attacks
>> involving compromised renderer processes or the "Spectre" family of
>> side-channel attacks.
>>
>> This proposal changes the default behaviour of Origin-Agent-Cluster. From
>> a developer's point of view, the new default matches "Origin-Agent-Cluster:
>> ?1". The initial implementation will use origin-keyed agent clusters for
>> all (non-opted out) origins, without changing how many processes Chromium
>> creates. Over time, we can then adapt Chromium's isolation strategy towards
>> origin-keyed processes without further affecting web-visible behaviour.
>>
>> The developer-visible aspect of this is that for pages with origin-keyed
>> agent clusters, document.domain is no longer settable. Thus, we have marked
>> this intent as a deprecation.
>>
>> Note that this proposal is about the default. Both modes - site-keyed or
>> origin-keyed agent clusters - remain available to any site, but
>> origin-keyed agent clusters change from opt-in to opt-out. The current
>> behaviour remains available by setting "Origin-Agent-Cluster: ?0".
>>
>> Blink component
>> Blink>SecurityFeature
>>
>> TAG review
>> https://github.com/w3ctag/design-reviews/issues/564
>>
>> Risks: Interoperability and Compatibility
>>
>> There are compatibility risks, which we have reduced with outreach and
>> warnings, and we want to mitigate further by launching at 50% of beta
>> first. An extended discussion of the risk (including attempts at
>> quantitative assessment) can be found in the original intent to ship
>> <https://groups.google.com/a/chromium.org/g/blink-dev/c/_oRc19PjpFo/>.
>>
>> Gecko: Standards position request
>> <https://github.com/mozilla/standards-positions/issues/601>. ("Worth
>> prototyping")
>>
>> WebKit:
>> https://lists.webkit.org/pipermail/webkit-dev/2021-December/032067.html
>> (No signals.)
>>
>> Web developers: No signals.
>>
>> Activation - Deprecation plan
>> M109: Enable "Origin Agent Cluster by Default" for 50% of page loads on
>> beta, dev, and canary.
>>
>> M110: Enable "Origin Agent Cluster by Default" on stable.
>>
>> Security
>> This change should be security-positive, since setting
>> document.domain will not have any impact on the origin of the document any
>> more.
>>
>> Debuggability
>> A deprecation warning has been added to DevTools console
>> and to the issues panel in M98. This warning will file a deprecation report
>> as well using the Reporting API, if so configured.
>>
>> Will this feature be supported on all six Blink platforms (Windows, Mac,
>> Linux, Chrome OS, Android, and Android WebView)?
>> Yes
>>
>> Is this feature fully tested by web-platform-tests
>> <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md>
>> ?
>> This is covered by Origin-keyed Agent Cluster tests
>> <https://wpt.live/html/browsers/origin/origin-keyed-agent-clusters/>.
>>
>> Tracking bug
>> https://crbug.com/1139851
>>
>> Launch bug
>> https://crbug.com/1246823
>>
>> Link to entry on the Chrome Platform Status
>> https://chromestatus.com/feature/5428079583297536 (document.domain
>> setter deprecation)
>> https://chromestatus.com/features/5683766104162304
>> (Origin-keyed agent clusters)
>>
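
The header semantics described in the reply above, as an added example that is not part of the original thread or of Chromium's code: a simplified model that looks only at the Origin-Agent-Cluster response header and the browser default, and reports which pages change behaviour when the default flips. Function names, field names and the sample URLs are hypothetical and constructed for illustration.

```javascript
// Added example: names are hypothetical, sample data is constructed.

// Origin-Agent-Cluster is a structured-field boolean: "?1" (on) or "?0" (off).
// Assumptions: parameters after ';' are ignored, and any other value counts
// as "header not set", so the page falls back to the browser default.
function parseOacHeader(value) {
  if (typeof value !== "string") return null;
  const m = /^\?([01])(\s*;.*)?$/.exec(value.trim());
  return m ? m[1] === "1" : null;
}

// Keying a page gets for a given header value and browser default.
function effectiveKeying(headerValue, originKeyedByDefault) {
  const requested = parseOacHeader(headerValue);
  const originKeyed = requested === null ? originKeyedByDefault : requested;
  return {
    explicit: requested !== null,
    keying: originKeyed ? "origin" : "site",
    // Per the intent: document.domain is not settable with origin-keyed clusters.
    documentDomainSettable: !originKeyed,
  };
}

// Compare the old default (site-keyed) with the new default (origin-keyed).
function auditPages(pages) {
  return pages.map((p) => {
    const before = effectiveKeying(p.header, false);
    const after = effectiveKeying(p.header, true);
    return {
      url: p.url,
      explicit: after.explicit,
      before: before.keying,
      after: after.keying,
      affectedByDefaultChange: before.keying !== after.keying,
    };
  });
}

// Constructed sample: header values as they might be captured from responses.
const samplePages = [
  { url: "https://app.example.test/", header: undefined },   // relies on default
  { url: "https://legacy.example.test/", header: "?0" },     // explicit opt-out
  { url: "https://new.example.test/", header: "?1" },        // explicit opt-in
  { url: "https://typo.example.test/", header: "true" },     // not a boolean item
];

for (const row of auditPages(samplePages)) console.log(JSON.stringify(row));
```

Only the pages without a valid explicit header show up as affected, which is the point of always sending "?0" or "?1".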
