An explainer (even an inline one) and pointers to the relevant spec sections would be very helpful when reviewing this intent. Thanks! :)
On Thursday, January 16, 2025 at 11:42:03 PM UTC+1 Jun Kokatsu wrote: > Contact emailsjkoka...@google.com > > Specificationhttps://github.com/w3c/webappsec-permissions-policy/pull/546 > > Summary > > Introduces a new violation type called "Potential Permissions Policy > violation", which will only look at Permissions Policy (including > report-only policy) and the allow attribute set in iframes to detect the > conflict between Permissions Policy enforced vs permissions propagated to > iframes. > > Motivation > Permissions Policy violation reports for cross-origin iframes are only > sent to the iframe's reporting endpoint and not to the embedder's reporting > endpoint, because of the concern that it might leak sensitive information > about a cross-origin iframe. However, this makes it difficult for sites to > enforce Permissions Policy because it can't learn about breakages in > cross-origin iframes. This feature introduces a new violation type called > "Potential Permissions Policy violation", which will only look at existing > Permissions Policy (including report-only policy) and the allow attribute > set in iframes to detect the conflict between Permissions Policy enforced > vs permissions being propagated to iframes. Since both Permissions Policy > and allow attributes are set by the embedder, this feature does not leak > any new information to the embedder. However, potential Permissions Policy > violations will be sent when an iframe is loaded, and not when the iframe > uses the prohibited feature, which is different from the normal Permissions > Policy violations which fires upon a feature usage (hence the name > "potential"). > > Blink componentBlink>PermissionsPolicy > <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3EPermissionsPolicy%22> > > TAG reviewNone > > TAG review statusNot applicable > > Risks > > > Interoperability and Compatibility > > None > > > *Gecko*: No signal > <https://github.com/mozilla/standards-positions/issues/1164> > > *WebKit*: No signal > <https://github.com/WebKit/standards-positions/issues/448> > > *Web developers*: No signals > > *Other signals*: > > Security > > Potential Permissions Policy violation reports should not include any new > information about cross-origin iframes > > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > > Debuggability > > None > > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, ChromeOS, Android, and Android WebView)?No > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ?https://github.com/web-platform-tests/wpt/pull/49978 > > Flag name on about://flagsNone > > Finch feature namePotentialPermissionsPolicyReporting > > Requires code in //chrome?False > > Tracking bughttps://issues.chromium.org/issues/40941424 > > Estimated milestones > Shipping on desktop 134 > > Anticipated spec changes > > Open questions about a feature may be a source of future web compat or > interop issues. Please list open issues (e.g. links to known github issues > in the project for the feature specification) whose resolution may > introduce web compat/interop risk (e.g., changing to naming or structure of > the API in a non-backward-compatible way). > None > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5154241037205504?gate=5069369228656640 > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com/>. > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/632c0ce3-63de-4d78-9ada-53c6fe40d2f9n%40chromium.org.
