Hi All,

We have secured Privacy, Security and Debuggability approvals in chromestatus for the Origin Trial.

On Wednesday, October 4, 2023 at 12:19:30 PM UTC-7 Ajay Rahatekar wrote:

> Thank you Yoav, for your comments. We have requested Privacy and Security
> reviews in chromestatus. The Security/Privacy questionnaire is available at
> https://github.com/w3c/window-management/blob/main/security_and_privacy_fullscreen_popups.md
>
> The Privacy and Security review for this feature was started before the
> Privacy/Security gates were required in chromestatus and so reviews were
> conducted using internal process.
> https://launch.corp.google.com/launch/4263088 (Sorry, internal only).
>
> On Wednesday, October 4, 2023 at 3:43:12 AM UTC-7 [email protected]
> wrote:
>
>> Personally, I'd love to see the Privacy and Security boxes in
>> chromestatus turn to green before approving this, as this seems like a
>> potentially risky feature.
>> Bonus point for pointers to public notes from that review :)
>>
>> On Wednesday, October 4, 2023 at 6:25:58 AM UTC+2 [email protected]
>> wrote:
>>
>>> Hi API Owners,
>>>
>>> Please let us know if you have any other questions or comments. The
>>> Origin Trial is planned for M119 shipping to Stable on Tue, Oct 31, 2023.
>>>
>>> Thanks in advance.
>>>
>>> -Ajay
>>>
>>> On Thursday, September 28, 2023 at 3:30:56 PM UTC-7 [email protected]
>>> wrote:
>>>
>>>> Avi: That's right, window-management permission must be granted for
>>>> this feature to work (and appropriate permission policies). If not, the
>>>> behavior falls back to opening the popup normally.
>>>>
>>>> Eric: We share your concerns. Besides the permission requirement,
>>>> existing user security mitigations prohibit popups (fullscreen or
>>>> otherwise) showing over existing HTML Fullscreen windows. Chromium-based
>>>> browsers exit HTML Fullscreen when a popup window from the opener chain is
>>>> opened or moved onto the same display. Attackers gain little advantage
>>>> using this HTML Fullscreen API entrypoint over the classic
>>>> Element.requestFullscreen().
>>>>
>>>> Regards,
>>>> Brad
>>>>
>>>> On Thu, Sep 28, 2023 at 1:14 PM Avi Drissman <[email protected]> wrote:
>>>>
>>>>> As a clarification, would this be behind and gated by the Window
>>>>> Management permission? The URLs of the spec imply that but I wanted to be
>>>>> sure.
>>>>>
>>>>> Avi
>>>>>
>>>>> On Tue, Sep 26, 2023 at 4:16 PM Brad Triebwasser <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Contact emails
>>>>>>
>>>>>> [email protected], [email protected]
>>>>>>
>>>>>> Explainer
>>>>>>
>>>>>> https://github.com/w3c/window-management/blob/main/EXPLAINER_fullscreen_popups.md
>>>>>>
>>>>>> Specification
>>>>>>
>>>>>> https://github.com/w3c/window-management/blob/main/EXPLAINER_fullscreen_popups.md#spec-changes
>>>>>>
>>>>>> Design docs
>>>>>>
>>>>>> https://github.com/w3c/window-management/blob/main/security_and_privacy_fullscreen_popups.md
>>>>>>
>>>>>> Summary
>>>>>>
>>>>>> Adds the ability to open a popup directly to fullscreen.
>>>>>>
>>>>>> Adds a `fullscreen` option to the `windowFeatures` parameter to the
>>>>>> `window.open()` JavaScript API, which allows the caller to open a popup
>>>>>> directly to full-screen on the display that would contain the popup
>>>>>> (based on `screenX`/`screenY`). This eliminates the need for the
>>>>>> developer to manually transition a popup into fullscreen, which could
>>>>>> require a separate user activation signal.
>>>>>>
>>>>>> Blink component
>>>>>>
>>>>>> Blink>Fullscreen
>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EFullscreen>,
>>>>>> Blink>WindowDialog
>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EWindowDialog>,
>>>>>> Blink>Screen>MultiScreen
>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EScreen%3EMultiScreen&can=2>
>>>>>>
>>>>>> TAG review
>>>>>>
>>>>>> https://github.com/w3ctag/design-reviews/issues/840
>>>>>>
>>>>>> TAG review status
>>>>>>
>>>>>> Pending
>>>>>>
>>>>>> Risks
>>>>>>
>>>>>> Interoperability and Compatibility
>>>>>>
>>>>>> Gecko: No signal
>>>>>> (https://github.com/mozilla/standards-positions/issues/714)
>>>>>>
>>>>>> WebKit: No signal
>>>>>> (https://github.com/WebKit/standards-positions/issues/101)
>>>>>>
>>>>>> Web developers: Positive
>>>>>> https://github.com/w3c/window-placement/issues/7
>>>>>> https://github.com/w3c/window-placement/issues/98
>>>>>> https://github.com/w3c/window-placement/issues/92
>>>>>>
>>>>>> Other signals:
>>>>>>
>>>>>> WebView application risks
>>>>>>
>>>>>> This feature is not supported on WebView, attempted usage will fall
>>>>>> back to existing behavior.
>>>>>>
>>>>>> Goals for experimentation
>>>>>>
>>>>>> Gather feedback from early adopters on the API shape, ease of
>>>>>> integration, edge cases that may require attention. Iterate on potential
>>>>>> UX improvements related to this alternative fullscreen entrypoint.
>>>>>>
>>>>>> Ongoing technical constraints
>>>>>>
>>>>>> None
>>>>>>
>>>>>> Debuggability
>>>>>>
>>>>>> This feature utilizes the existing `windowFeatures` string parameter
>>>>>> in `window.open()` and does not modify any structured (i.e. WebIDL) API
>>>>>> surface.
>>>>>> This feature will utilize existing fullscreen APIs which
>>>>>> developers can use for debugging (`document.fullscreenElement`,
>>>>>> `fullscreenchange`, and `fullscreenerror`, etc.), in the absence of an
>>>>>> `Element.requestFullscreen()` promise.
>>>>>>
>>>>>> Will this feature be supported on all six Blink platforms (Windows,
>>>>>> Mac, Linux, Chrome OS, Android, and Android WebView)?
>>>>>>
>>>>>> No. This feature initially only applies to desktop platforms.
>>>>>> Support for mobile platforms may be considered in the future.
>>>>>>
>>>>>> Is this feature fully tested by web-platform-tests
>>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
>>>>>>
>>>>>> Mostly. Automated web platform tests are limited to single display
>>>>>> environments, so manual execution is required to test fullscreen popups
>>>>>> <https://wpt.fyi/results/window-management/multi-screen-window-open-fullscreen.tentative.https.html?label=master&label=experimental&aligned>
>>>>>> across displays. (crbug.com/1252062)
>>>>>>
>>>>>> Flag name on chrome://flags
>>>>>>
>>>>>> chrome://flags/#fullscreen-popup-windows
>>>>>>
>>>>>> Finch feature name
>>>>>>
>>>>>> FullscreenPopupWindows
>>>>>>
>>>>>> Requires code in //chrome?
>>>>>>
>>>>>> False
>>>>>>
>>>>>> Tracking bug
>>>>>>
>>>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1142516
>>>>>>
>>>>>> Launch bug
>>>>>>
>>>>>> https://launch.corp.google.com/launch/4263088
>>>>>>
>>>>>> Estimated milestones
>>>>>>
>>>>>> OriginTrial desktop last
>>>>>>
>>>>>> 123
>>>>>>
>>>>>> OriginTrial desktop first
>>>>>>
>>>>>> 119
>>>>>>
>>>>>> DevTrial on desktop
>>>>>>
>>>>>> 113
>>>>>>
>>>>>> Link to entry on the Chrome Platform Status
>>>>>>
>>>>>> https://chromestatus.com/feature/6002307972464640
>>>>>>
>>>>>> Links to previous Intent discussions
>>>>>>
>>>>>> Intent to prototype:
>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/t8lL5RvfLJY
>>>>>>
>>>>>> Ready for Trial:
>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/EnDQsWx8cGQ
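
The behaviour described in the Summary and Debuggability sections of the quoted intent, as an added example that is not part of the thread or the explainer: it passes the `fullscreen` option, records whether fullscreen should be expected given the `window-management` permission state, and confirms the outcome inside the popup. Function names are hypothetical, and `permissions`, `open` and `doc` are passed in so the code also runs outside a browser.

```javascript
// Added example, not Chromium or explainer code. Function names are hypothetical.

// Permission state for the gate named in the thread. `permissions` is
// navigator.permissions in a page; query it before the click handler runs.
async function queryWindowManagement(permissions) {
  try {
    return (await permissions.query({ name: 'window-management' })).state;
  } catch (e) {
    return 'unsupported'; // browser does not know this permission name
  }
}

// windowFeatures string with the `fullscreen` option; screenX/screenY pick
// the display that would contain the popup.
function buildFeatures(screenX, screenY) {
  const parts = ['popup'];
  if (Number.isFinite(screenX)) parts.push('screenX=' + Math.trunc(screenX));
  if (Number.isFinite(screenY)) parts.push('screenY=' + Math.trunc(screenY));
  parts.push('fullscreen');
  return parts.join(',');
}

// Call from a user-gesture handler; `open` is window.open.bind(window).
// Without the permission the browser opens a normal popup, so the option is
// always passed and only the recorded expectation changes.
function openFullscreenPopup(open, url, permissionState, screenX, screenY) {
  const features = buildFeatures(screenX, screenY);
  const win = open(url, '_blank', features);
  const expectFullscreen = win !== null && permissionState === 'granted';
  return { win, features, expectFullscreen };
}

// Runs inside the popup. window.open() returns no promise, so the outcome is
// read from document.fullscreenElement and the two fullscreen events.
function watchFullscreen(doc, report) {
  if (doc.fullscreenElement) report('fullscreen');
  doc.addEventListener('fullscreenchange', () =>
    report(doc.fullscreenElement ? 'fullscreen' : 'windowed'));
  doc.addEventListener('fullscreenerror', () => report('error'));
}
```

A popup that reports `windowed` or nothing while `expectFullscreen` was true points at a missing permission policy or a blocked transition rather than at the features string.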
