I just realized that we can still make M123 so I plan to do so unless there are any objections.
On Thu, Feb 8, 2024 at 2:29 PM Jonathan Hao <[email protected]> wrote: > Here's a public version of the design doc: > https://docs.google.com/document/d/1QyFqHCgZLmEfy0wbgXNgce9zKpZVaqSpQY3JleFWrk0/edit?usp=sharing > > On Wed, Feb 7, 2024 at 5:22 PM Daniel Bratell <[email protected]> wrote: > >> LGTM3 to add a warning. >> >> Normally we don't like open ended deprecation warnings, end, which this >> is, but this should be a rare warning, except possibly in enterprise >> situations, and even there, warnings might trigger some feedback from a >> group that is normally not aware of upcoming changes. >> >> /Daniel >> On 2024-02-07 14:40, Yoav Weiss (@Shopify) wrote: >> >> LGTM2 >> >> On Fri, Feb 2, 2024 at 11:10 PM Mike Taylor <[email protected]> >> wrote: >> >>> Correction: LGTM1, conditioned on requesting Enterprise, Debuggability, >>> and Testing bits in chromestatus. :) >>> On 2/2/24 5:09 PM, Mike Taylor wrote: >>> >>> LGTM1 >>> On 2/2/24 11:17 AM, Jonathan Hao wrote: >>> >>> Contact emails [email protected] >>> >>> Explainer >>> https://github.com/WICG/private-network-access/blob/main/explainer.md >>> >>> Specification https://wicg.github.io/private-network-access >>> >>> Design docs >>> >>> https://docs.google.com/document/d/1UqkJsc2VZ4bXmZkVxh-EPyBFEtdxX9p2zX4sxzAj754/edit?usp=sharing&resourcekey=0-7cfhrTo57AElxA6M9EVScg >>> >>> Summary >>> >>> Before a website A navigates to another site B in the user's private >>> network, this feature does the following: >>> 1. Checks whether the request has been initiated from a secure context >>> 2. Sends a preflight request, and checks whether B responds with a >>> header that allows private network access. >>> >>> The above checks are made to protect the user's private network. There >>> are already features for subresources and workers, but this one is for >>> navigation requests specifically. >>> >>> >>> Since this feature is the "warning-only" mode, we do not fail the >>> requests if any of the checks fails. Instead, a warning will be shown in >>> the DevTools, to help developers prepare for the coming enforcement. >>> >>> >>> Blink component Blink>SecurityFeature>CORS>PrivateNetworkAccess >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ESecurityFeature%3ECORS%3EPrivateNetworkAccess> >>> >>> Motivation >>> >>> To prevent malicious websites from pivoting through the user agent's >>> network position to attack devices and services which reasonably assumed >>> they were unreachable from the Internet at large, by virtue of residing on >>> the user’s local intranet or the user's machine. >>> >>> >>> Initial public proposal >>> https://discourse.wicg.io/t/transfer-cors-rfc1918-and-hsts-priming-to-wicg/1726 >>> >>> TAG review https://github.com/w3ctag/design-reviews/issues/572 >>> >>> TAG review status Issues addressed >>> >>> Risks >>> >>> >>> Interoperability and Compatibility >>> >>> Since we don't enforce the checks and only show warnings, there isn't >>> any compatibility risks on the client side. On the server side, it >>> shouldn't pose any risk either as the server can ignore the preflight >>> requests. >>> >>> >>> *Gecko*: Positive ( >>> https://github.com/mozilla/standards-positions/issues/143) >>> >>> https://mozilla.github.io/standards-positions/#cors-and-rfc1918 makes >>> it a bit clearer that this is indeed positive (vs the issue). >>> >>> >>> *WebKit*: Positive ( >>> https://github.com/WebKit/standards-positions/issues/163) Safari >>> disagrees with the spec name and header names, but still overall positive. >>> >>> *Web developers*: Mixed signals Anecdotal evidence so far suggests that >>> most web developers are OK with this new requirement, though some do not >>> control the target endpoints and would be negatively impacted. >>> >>> *Other signals*: >>> >>> Security >>> >>> This change aims to be security-positive, preventing CSRF attacks >>> against soft and juicy targets such as router admin interfaces. DNS >>> rebinding threats were of particular concern during the design of this >>> feature: >>> https://docs.google.com/document/d/1FYPIeP90MQ_pQ6UAo0mCB3g2Z_AynfPWHbDnHIST6VI/edit#heading=h.189j5gnadts9 >>> >>> >>> WebView application risks >>> >>> Does this intent deprecate or change behavior of existing APIs, such >>> that it has potentially high risk for Android WebView-based applications? >>> >>> None >>> >>> >>> Debuggability >>> >>> Relevant information (client and resource IP address space) is already >>> piped into the DevTools network panel. Deprecation warnings and errors will >>> be surfaced in the DevTools issues panel explaining the problem when it >>> arises. >>> >>> >>> Is this feature fully tested by web-platform-tests >>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>> ? Yes >>> >>> >>> https://wpt.fyi/results/fetch/private-network-access?q=fetch%2Fprivate-network-access&run_id=5090117631868928&run_id=6245938696814592&run_id=5769215446351872&run_id=5679819023974400 >>> >>> >>> Flag name on chrome://flags None >>> >>> Finch feature name PrivateNetworkAccessForNavigations, >>> PrivateNetworkAccessForNavigationsWarningOnly >>> >>> Requires code in //chrome? False >>> >>> Tracking bug >>> https://bugs.chromium.org/p/chromium/issues/detail?id=1524350 >>> >>> Estimated milestones >>> Shipping on desktop 124 >>> Shipping on Android 124 >>> >>> Link to entry on the Chrome Platform Status >>> https://chromestatus.com/feature/4869685172764672 >>> >>> This intent message was generated by Chrome Platform Status >>> <https://chromestatus.com/>. >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOC%3DiPJ3_pVL7Tecn_3iKBMojOVPx8%3D%3DnCDQWRKetG_9WBxsWg%40mail.gmail.com >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOC%3DiPJ3_pVL7Tecn_3iKBMojOVPx8%3D%3DnCDQWRKetG_9WBxsWg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8f8b93f8-4358-4fdc-bfe2-d43cec3e37c1%40chromium.org >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8f8b93f8-4358-4fdc-bfe2-d43cec3e37c1%40chromium.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSLfMW08XDibmDKrCKkJOjyHj3B%2B3MsmQ4WnwxeoBk_wng%40mail.gmail.com >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSLfMW08XDibmDKrCKkJOjyHj3B%2B3MsmQ4WnwxeoBk_wng%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOC%3DiPJ_ve9qeHStp9%2BSXxoFHV%2B11DYaYKjn51o1yhurGGEcVA%40mail.gmail.com.
