LGTM to experiment. Thank you for completing the privacy and security reviews!

On Thu, Oct 5, 2023 at 9:16 AM 'Ajay Rahatekar' via blink-dev <[email protected]> wrote:

> Hi All,
>
> We have secured Privacy, Security and Debuggability approvals in
> chromestatus for the Origin Trial.
>
> On Wednesday, October 4, 2023 at 12:19:30 PM UTC-7 Ajay Rahatekar wrote:
>
>> Thank you Yoav, for your comments. We have requested Privacy and Security
>> reviews in chromestatus. The Security/Privacy questionnaire is available at
>> https://github.com/w3c/window-management/blob/main/security_and_privacy_fullscreen_popups.md
>> .
>>
>> The Privacy and Security review for this feature was started before the
>> Privacy/Security gates were required in chromestatus and so reviews were
>> conducted using internal process.
>> https://launch.corp.google.com/launch/4263088 (Sorry, internal only).
>>
>> On Wednesday, October 4, 2023 at 3:43:12 AM UTC-7 [email protected]
>> wrote:
>>
>>> Personally, I'd love to see the Privacy and Security boxes in
>>> chromestatus turn to green before approving this, as this seems like a
>>> potentially risky feature.
>>> Bonus point for pointers to public notes from that review :)
>>>
>>> On Wednesday, October 4, 2023 at 6:25:58 AM UTC+2 [email protected]
>>> wrote:
>>>
>>>> Hi API Owners,
>>>>
>>>> Please let us know if you have any other questions or comments. The
>>>> Origin Trial is planned for M119 shipping to Stable on Tue, Oct 31, 2023.
>>>>
>>>> Thanks in advance.
>>>>
>>>> -Ajay
>>>>
>>>> On Thursday, September 28, 2023 at 3:30:56 PM UTC-7 [email protected]
>>>> wrote:
>>>>
>>>>> Avi: That's right, window-management permission must be granted for
>>>>> this feature to work (and appropriate permission policies). If not, the
>>>>> behavior falls back to opening the popup normally.
>>>>>
>>>>> Eric: We share your concerns. Besides the permission requirement,
>>>>> existing user security mitigations prohibit popups (fullscreen or
>>>>> otherwise) showing over existing HTML Fullscreen windows.
>>>>> Chromium-based browsers exit HTML Fullscreen when a popup window from
>>>>> the opener chain is opened or moved onto the same display. Attackers
>>>>> gain little advantage using this HTML Fullscreen API entrypoint over
>>>>> the classic Element.requestFullscreen().
>>>>>
>>>>> Regards,
>>>>> Brad
>>>>>
>>>>> On Thu, Sep 28, 2023 at 1:14 PM Avi Drissman <[email protected]> wrote:
>>>>>
>>>>>> As a clarification, would this be behind and gated by the Window
>>>>>> Management permission? The URLs of the spec imply that but I wanted to be
>>>>>> sure.
>>>>>>
>>>>>> Avi
>>>>>>
>>>>>> On Tue, Sep 26, 2023 at 4:16 PM Brad Triebwasser <[email protected]>
>>>>>> wrote:
>>>>>>
>>>>>>> Contact emails
>>>>>>>
>>>>>>> [email protected], [email protected]
>>>>>>>
>>>>>>> Explainer
>>>>>>>
>>>>>>> https://github.com/w3c/window-management/blob/main/EXPLAINER_fullscreen_popups.md
>>>>>>>
>>>>>>> Specification
>>>>>>>
>>>>>>> https://github.com/w3c/window-management/blob/main/EXPLAINER_fullscreen_popups.md#spec-changes
>>>>>>>
>>>>>>> Design docs
>>>>>>>
>>>>>>> https://github.com/w3c/window-management/blob/main/security_and_privacy_fullscreen_popups.md
>>>>>>>
>>>>>>> Summary
>>>>>>>
>>>>>>> Adds the ability to open a popup directly to fullscreen.
>>>>>>>
>>>>>>> Adds a `fullscreen` option to the `windowFeatures` parameter to the
>>>>>>> `window.open()` JavaScript API, which allows the caller to open a popup
>>>>>>> directly to full-screen on the display that would contain the popup
>>>>>>> (based on `screenX`/`screenY`). This eliminates the need for the
>>>>>>> developer to manually transition a popup into fullscreen, which could
>>>>>>> require a separate user activation signal.
>>>>>>>
>>>>>>> Blink component
>>>>>>>
>>>>>>> Blink>Fullscreen
>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EFullscreen>,
>>>>>>> Blink>WindowDialog
>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EWindowDialog>,
>>>>>>> Blink>Screen>MultiScreen
>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EScreen%3EMultiScreen&can=2>
>>>>>>>
>>>>>>> TAG review
>>>>>>>
>>>>>>> https://github.com/w3ctag/design-reviews/issues/840
>>>>>>>
>>>>>>> TAG review status
>>>>>>>
>>>>>>> Pending
>>>>>>>
>>>>>>> Risks
>>>>>>>
>>>>>>> Interoperability and Compatibility
>>>>>>>
>>>>>>> Gecko: No signal
>>>>>>> (https://github.com/mozilla/standards-positions/issues/714)
>>>>>>>
>>>>>>> WebKit: No signal
>>>>>>> (https://github.com/WebKit/standards-positions/issues/101)
>>>>>>>
>>>>>>> Web developers: Positive
>>>>>>> https://github.com/w3c/window-placement/issues/7
>>>>>>> https://github.com/w3c/window-placement/issues/98
>>>>>>> https://github.com/w3c/window-placement/issues/92
>>>>>>>
>>>>>>> Other signals:
>>>>>>>
>>>>>>> WebView application risks
>>>>>>>
>>>>>>> This feature is not supported on WebView, attempted usage will fall
>>>>>>> back to existing behavior.
>>>>>>>
>>>>>>> Goals for experimentation
>>>>>>>
>>>>>>> Gather feedback from early adopters on the API shape, ease of
>>>>>>> integration, edge cases that may require attention. Iterate on
>>>>>>> potential UX improvements related to this alternative fullscreen
>>>>>>> entrypoint.
>>>>>>>
>>>>>>> Ongoing technical constraints
>>>>>>>
>>>>>>> None
>>>>>>>
>>>>>>> Debuggability
>>>>>>>
>>>>>>> This feature utilizes the existing `windowFeatures` string parameter
>>>>>>> in `window.open()` and does not modify any structured (i.e. WebIDL) API
>>>>>>> surface.
>>>>>>> This feature will utilize existing fullscreen APIs which
>>>>>>> developers can use for debugging (`document.fullscreenElement`,
>>>>>>> `fullscreenchange`, and `fullscreenerror`, etc.), in the absence of an
>>>>>>> `Element.requestFullscreen()` promise.
>>>>>>>
>>>>>>> Will this feature be supported on all six Blink platforms (Windows,
>>>>>>> Mac, Linux, Chrome OS, Android, and Android WebView)?
>>>>>>>
>>>>>>> No. This feature initially only applies to desktop platforms.
>>>>>>> Support for mobile platforms may be considered in the future.
>>>>>>>
>>>>>>> Is this feature fully tested by web-platform-tests
>>>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>
>>>>>>> ?
>>>>>>>
>>>>>>> Mostly. Automated web platform tests are limited to single display
>>>>>>> environments, so manual execution is required to test fullscreen
>>>>>>> popups
>>>>>>> <https://wpt.fyi/results/window-management/multi-screen-window-open-fullscreen.tentative.https.html?label=master&label=experimental&aligned>
>>>>>>> across displays. (crbug.com/1252062)
>>>>>>>
>>>>>>> Flag name on chrome://flags
>>>>>>>
>>>>>>> chrome://flags/#fullscreen-popup-windows
>>>>>>>
>>>>>>> Finch feature name
>>>>>>>
>>>>>>> FullscreenPopupWindows
>>>>>>>
>>>>>>> Requires code in //chrome?
>>>>>>>
>>>>>>> False
>>>>>>>
>>>>>>> Tracking bug
>>>>>>>
>>>>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1142516
>>>>>>>
>>>>>>> Launch bug
>>>>>>>
>>>>>>> https://launch.corp.google.com/launch/4263088
>>>>>>>
>>>>>>> Estimated milestones
>>>>>>>
>>>>>>> OriginTrial desktop last
>>>>>>>
>>>>>>> 123
>>>>>>>
>>>>>>> OriginTrial desktop first
>>>>>>>
>>>>>>> 119
>>>>>>>
>>>>>>> DevTrial on desktop
>>>>>>>
>>>>>>> 113
>>>>>>>
>>>>>>> Link to entry on the Chrome Platform Status
>>>>>>>
>>>>>>> https://chromestatus.com/feature/6002307972464640
>>>>>>>
>>>>>>> Links to previous Intent discussions
>>>>>>>
>>>>>>> Intent to prototype:
>>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/t8lL5RvfLJY
>>>>>>>
>>>>>>> Ready for Trial:
>>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/EnDQsWx8cGQ
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "blink-dev" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to [email protected].
>>>>>>> To view this discussion on the web visit
>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALEeEUCSym%2BRaquhSMyAjwEF09dWS3zLJk97kj8XaoCscL61Fg%40mail.gmail.com
>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALEeEUCSym%2BRaquhSMyAjwEF09dWS3zLJk97kj8XaoCscL61Fg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>>>>> .
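
The permission gating, fallback and debugging hooks described in the quoted thread, sketched as an added example that is not part of the original messages or of Chromium's code. The helper names are hypothetical, and `win`/`nav` stand in for the page's `window` and `navigator` so the logic can be exercised with stubs.

```javascript
// Added example. buildWindowFeatures, openFullscreenPopup, describeOutcome
// and watchFullscreen are hypothetical helper names, not browser APIs.

// Opener side: only ask for `fullscreen` when the window-management
// permission is already granted; otherwise request an ordinary popup, which
// is what the browser falls back to anyway.
function buildWindowFeatures(permissionState, pos) {
  const features = ['popup', `screenX=${pos.x}`, `screenY=${pos.y}`];
  if (permissionState === 'granted') features.push('fullscreen');
  return features.join(',');
}

// `win` and `nav` are the page's window and navigator (assumption: passed in
// by the caller). Call from a user gesture handler, as with any popup.
async function openFullscreenPopup(win, nav, url, pos) {
  let state = 'denied';
  try {
    const status = await nav.permissions.query({ name: 'window-management' });
    state = status.state;
  } catch (err) {
    // Browser does not know this permission name: treat as not granted.
  }
  const features = buildWindowFeatures(state, pos);
  return { popup: win.open(url, '_blank', features), features, state };
}

// Popup side: there is no requestFullscreen() promise to await, so the
// result is read from the existing fullscreen state.
function describeOutcome(requestedFullscreen, doc) {
  if (!requestedFullscreen) return 'normal-popup';
  return doc.fullscreenElement ? 'fullscreen' : 'fell-back-to-popup';
}

// Report every transition (including the user leaving fullscreen) and errors.
// Returns a function that removes the listeners again.
function watchFullscreen(doc, requestedFullscreen, report) {
  const onEvent = (e) => report(e.type, describeOutcome(requestedFullscreen, doc));
  doc.addEventListener('fullscreenchange', onEvent);
  doc.addEventListener('fullscreenerror', onEvent);
  return () => {
    doc.removeEventListener('fullscreenchange', onEvent);
    doc.removeEventListener('fullscreenerror', onEvent);
  };
}
```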
