LGTM to experiment M110-M112 (inclusive) On Tue, Jan 17, 2023 at 9:54 AM Daisuke Enomoto <denom...@chromium.org> wrote:
> API owners, > > We would like to extend the origin trial for 3 additional milestones, with > the extension starting in 110 continuing through 112. The initial > experiment was approved for the OT running from 107 through 109. > > Contact emails > > fer...@chromium.org > > Explainer > > > https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md > > Specificationhttps://github.com/whatwg/html/pull/7915 > Summary > > This feature allows pages to disable the running of unload event handlers. > The goal is to : > > - allow sites that have removed all unload handlers to ensure they do not > accidentally add new ones > > - allow sites to remove unload handlers when updating the code is > infeasible > > > Unload event handlers are problematic for various reasons and prevent use > of BFCache on Desktop (see > https://web.dev/bfcache/#never-use-the-unload-event). > > Blink componentBlink>PermissionsAPI > <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPermissionsAPI> > TAG reviewhttps://github.com/w3ctag/design-reviews/issues/738 > TAG review status > > Pending > > Risks > > N/A > > > Interoperability and Compatibility > > > > 3rd-party frames that rely on unload may not work as expected when > navigating away. This is solvable by the frame authors by use of > alternatives to unload and is unlikely to impact users. See detailed > discussion. > > https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md#concerns-about-giving-embedders-control-over-the-nonexecution-of-iframe-code > > Gecko: Negative ( > https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1047829132) > FF objects to this similar to sync-xhr and document-domain providing a way > to cause cross-origin interference with script. Explainer addresses this ( > https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md#concerns-about-giving-embedders-control-over-the-nonexecution-of-iframe-code) > At a recent TPAC meeting with Mozilla people present, no negative feedback > was received. Request for formal position is here > https://github.com/mozilla/standards-positions/issues/691 > WebKit: No signal > Web developers: Positive Private discussions with devs are positive. > Sites that have made efforts to remove all unload handlers want to use this > to prevent accidental returns. Also some providers of 3rd-party iframes > which have content outside of their control (e.g. ad network) want to > guarantee themselves to be unload-free. > https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1130401722 > Also positive feedback about using this to deny unload as a source of > security problems. > https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1222973324 > Other signals: TAG review is here but has no feedback on the API itself. > https://github.com/w3ctag/design-reviews/issues/738 > > > Goals for experimentation > > - > > Validate that this allows sites using it to improve their BFCache hit > rate > > Reason this experiment is being extended > > We had requested this Origin Trial to be run for 3 milestones, > specifically from 107 to 109 without realizing the Origin Trial guideline > <https://www.chromium.org/blink/launching-features/#step-5-optional-origin-trial> > suggesting 6 milestones. We would like to extend this OT for another 3 > milestones or to 112 inclusive by applying the 6 milestone guidelines we > originally missed, to give sufficient time for partners to give us feedback. > > > Ongoing technical constraints > > > Debuggability > > When this header is present, attempts to add an unload event handler will > result in an error on the console (just as would happen for any other > Permissions Policy violation). > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, Chrome OS, Android, and Android WebView)? > > Yes > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? > > Yes > > > Flag name > > --enable-features=PermissionsPolicyUnload > > or via Origin Trial Token > <https://developer.chrome.com/origintrials/#/view_trial/1012184016251518977> > > > Tracking bughttps://crbug.com/1324111 > > > Launch bug > > https://launch.corp.google.com/launch/4200516 > > > Estimated milestones > > OriginTrial desktop last (new request) > > 112 > > OriginTrial desktop last > > 109 > > OriginTrial desktop first > > 107 > > OriginTrial desktop last (new request) > > 112 > > OriginTrial Android last > > 109 > > OriginTrial Android first > > 107 > > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5760325231050752 > > > Links to previous Intent discussions > > Intent to prototype: > https://groups.google.com/a/chromium.org/g/blink-dev/c/ryjRQsxyo2Y/m/xOPh6glQBAAJ > > Ready for Trial: > https://groups.google.com/a/chromium.org/g/blink-dev/c/38Dpu-uhwFc > Intent to Experiment: > https://groups.google.com/a/chromium.org/g/blink-dev/c/RhzscAx3qc8/m/qgBkBFmzAgAJ?utm_medium=email&utm_source=footer > > > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA5e69_hiyb60B9h6d88ccuoDavYnqDg89LUkgcG6iozfD8e0w%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA5e69_hiyb60B9h6d88ccuoDavYnqDg89LUkgcG6iozfD8e0w%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfXQW2uiML6cJhR_OxgSwSdGndHkkQXVNJt-uwr_BgjwyA%40mail.gmail.com.
