Just a quick heads-up: I'm planning to prototype Direct Sockets support in Shared & Service Workers in Isolated Web Apps. You can find more details in the corresponding ChromeStatus entry here: https://chromestatus.com/feature/5169039028256768. There will also be a separate Intent-to-Ship submitted eventually.
Kind regards, Andrew On Wednesday, September 11, 2024 at 6:05:39 PM UTC+2 Vladimir Levin wrote: > LGTM3 for the IWAs in its current form where it is limited to enterprise > customers. This and features similar to this would need to be revisited if > IWAs shift to a more public audience. If and when that happens, it would be > nice to understand the vetting / review process to judge whether some of > these features can be available more publicly. > > On Wed, Aug 28, 2024 at 1:25 PM Reilly Grant <rei...@chromium.org> wrote: > >> The Promise returned by the "opened" attribute serves that purpose. We >> used this pattern because it aligns with the WebSocketStream and >> WebTransport constructors. >> Reilly Grant | Software Engineer | rei...@chromium.org | Google Chrome >> <https://www.google.com/chrome> >> >> >> On Wed, Aug 28, 2024 at 8:55 AM Alex Russell <sligh...@chromium.org> >> wrote: >> >>> In today's API OWNERS meeting, Jeff raised the concern that this API >>> design doesn't follow our general guidance for having a Promise-returning >>> `request*()` method that integrates with the Permissions API and allows the >>> UA to inject controls (including, potentially, user prompts). This is our >>> long-running pattern for gating exotic APIs, including all of the Fugu APIs. >>> >>> Is there a reason this wasn't adopted here? Even in cases where an admin >>> blesses an IWA, we should expect there to be cases where we'll want async >>> gating for things like policy controls. >>> >>> Best, >>> >>> Alex >>> >>> On Wednesday, August 28, 2024 at 6:37:49 AM UTC-7 Mike Taylor wrote: >>> >>>> LGTM2 >>>> On 8/28/24 8:03 AM, Yoav Weiss (@Shopify) wrote: >>>> >>>> LGTM1 - the use case is clear, as well as the dangers of enabling this >>>> over the open web. Confining this API to IWAs seems to strike a reasonable >>>> balance. >>>> >>>> On Mon, Aug 19, 2024 at 3:46 PM 'Randell Jesup' via blink-dev < >>>> blin...@chromium.org> wrote: >>>> >>>>> This was not closed by Mozilla with no opinion, it was closed as >>>>> Harmful. >>>>> >>>>> Randell Jesup, Mozilla Networking Team >>>>> >>>>> On Tue, Aug 13, 2024, 2:59 PM Chromestatus < >>>>> ad...@cr-status.appspotmail.com> wrote: >>>>> >>>>>> Contact emails green...@google.com >>>>>> >>>>>> Explainer >>>>>> https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md >>>>>> >>>>>> Specification https://wicg.github.io/direct-sockets >>>>>> >>>>>> Summary >>>>>> >>>>>> Allows Isolated Web Apps to establish direct transmission control >>>>>> protocol (TCP) and user datagram protocol (UDP) communications with >>>>>> network >>>>>> devices and systems as well as listen to and accept incoming connections. >>>>>> >>>>>> >>>>>> Blink component Blink>Network>Direct Sockets >>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ENetwork%3EDirect%20Sockets> >>>>>> >>>>>> >>>>>> Search tags networking <http:///features#tags:networking>, TCP >>>>>> <http:///features#tags:TCP>, UDP <http:///features#tags:UDP>, sockets >>>>>> <http:///features#tags:sockets> >>>>>> >>>>>> TAG review https://github.com/w3ctag/design-reviews/issues/548 >>>>>> >>>>>> TAG review status Pending >>>>>> >>>>>> Risks >>>>>> >>>>>> >>>>>> Interoperability and Compatibility >>>>>> >>>>>> Other browsers may choose to implement this API. >>>>>> >>>>>> >>>>>> *Gecko*: Closed Without a Position ( >>>>>> https://github.com/mozilla/standards-positions/issues/431) >>>>>> >>>>>> *WebKit*: No signal >>>>>> >>>>>> *Web developers*: Positive ( >>>>>> https://discourse.wicg.io/t/filling-the-remaining-gap-between-websocket-webrtc-and-webtranspor/4366) >>>>>> >>>>>> Numerous potential use cases have been suggested. >>>>>> >>>>>> *Other signals*: >>>>>> >>>>>> Security >>>>>> >>>>>> Various security risks and mitigations are noted in >>>>>> https://github.com/WICG/raw-sockets/blob/master/docs/explainer.md#security-considerations >>>>>> >>>>>> This is a powerful API. Users will have the opportunity to give Isolated >>>>>> Web Apps access to local hardware, and information systems behind >>>>>> organization firewalls. Mitigations are designed to ensure this cannot >>>>>> happen accidentally, and only through enterprise policies or the >>>>>> friction >>>>>> of installing a native app. >>>>>> >>>>>> >>>>>> WebView application risks >>>>>> >>>>>> Does this intent deprecate or change behavior of existing APIs, such >>>>>> that it has potentially high risk for Android WebView-based applications? >>>>>> >>>>>> N/A. Feature not compiled in Android. >>>>>> >>>>>> >>>>>> Debuggability >>>>>> >>>>>> The code using this API can be debugged using the standard tools. >>>>>> Integrating the API with the DevTools Networking tab to enable easier >>>>>> introspection of the state of these connections as well as the data >>>>>> transferred could be a beneficial future improvement. >>>>>> >>>>>> >>>>>> Will this feature be supported on all six Blink platforms (Windows, >>>>>> Mac, Linux, ChromeOS, Android, and Android WebView)? No >>>>>> >>>>>> This feature is implemented on desktop platforms, although it will >>>>>> only be available to the end users on platforms that support Isolated >>>>>> Web >>>>>> Apps, which is currently only ChromeOS. Android is excluded for >>>>>> historical >>>>>> reasons, although there are no apparent interoperability blockers here. >>>>>> >>>>>> >>>>>> Is this feature fully tested by web-platform-tests >>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>>>> ? Yes >>>>>> >>>>>> These tests require a specific --isolated-context-origins flag to be >>>>>> tested in WPTs, so they're run as a part of a virtual suite and are not >>>>>> reflected on wpt.fyi. >>>>>> >>>>>> >>>>>> Flag name on chrome://flags #enable-direct-sockets-web-api >>>>>> >>>>>> Finch feature name DirectSockets >>>>>> >>>>>> Requires code in //chrome? False >>>>>> >>>>>> Tracking bug >>>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=909927 >>>>>> >>>>>> Launch bug https://launch.corp.google.com/launch/4339602 >>>>>> >>>>>> Measurement We have the following histograms for tracking network >>>>>> failures upon creating sockets (prefixed with DirectSockets.*): - >>>>>> TCPNetworkFailures - UDPNetworkFailures - TCPServerNetworkFailures >>>>>> Separate >>>>>> programmatic counters for the .idl methods and attributes (via >>>>>> MeasureAs) >>>>>> are also included to track the stats for API usage. >>>>>> >>>>>> Availability expectation Feature is available only in Isolated Web >>>>>> Apps on desktop platforms. >>>>>> https://chromestatus.com/feature/5146307550248960 >>>>>> >>>>>> Adoption expectation Expected to be used initially by a small number >>>>>> of developers inside Isolated Web Apps. >>>>>> >>>>>> Adoption plan Working directly with developers that are planning to >>>>>> rely on the API. >>>>>> >>>>>> Non-OSS dependencies >>>>>> >>>>>> Does the feature depend on any code or APIs outside the Chromium open >>>>>> source repository and its open-source dependencies to function? >>>>>> None >>>>>> >>>>>> Sample links >>>>>> https://github.com/GoogleChromeLabs/telnet-client >>>>>> >>>>>> Estimated milestones >>>>>> Shipping on desktop 130 >>>>>> >>>>>> Anticipated spec changes >>>>>> >>>>>> Open questions about a feature may be a source of future web compat >>>>>> or interop issues. Please list open issues (e.g. links to known github >>>>>> issues in the project for the feature specification) whose resolution >>>>>> may >>>>>> introduce web compat/interop risk (e.g., changing to naming or structure >>>>>> of >>>>>> the API in a non-backward-compatible way). >>>>>> None >>>>>> >>>>>> Link to entry on the Chrome Platform Status >>>>>> https://chromestatus.com/feature/6398297361088512?gate=6732051726729216 >>>>>> >>>>>> This intent message was generated by Chrome Platform Status >>>>>> <https://chromestatus.com>. >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "blink-dev" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to blink-dev+...@chromium.org. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/000000000000c7b248061f910247%40google.com >>>>>> >>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/000000000000c7b248061f910247%40google.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to blink-dev+...@chromium.org. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACBzDhv-M2OsMcRKnHsKsuQwHW5O2SDoavGj9uVr%3DFCKc7U2Cg%40mail.gmail.com >>>>> >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACBzDhv-M2OsMcRKnHsKsuQwHW5O2SDoavGj9uVr%3DFCKc7U2Cg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "blink-dev" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to blink-dev+...@chromium.org. >>>> >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSKPm8tu-xSiEVnvgggte_zY_TnqRZenebkCP69iAyV7qA%40mail.gmail.com >>>> >>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSKPm8tu-xSiEVnvgggte_zY_TnqRZenebkCP69iAyV7qA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to blink-dev+...@chromium.org. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/82541dfc-0611-4c6c-a1af-6249c9bc0a0an%40chromium.org >>> >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/82541dfc-0611-4c6c-a1af-6249c9bc0a0an%40chromium.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+...@chromium.org. >> > To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMaHeCx4cFun1Ur%3DwwVE_J6kmhquXqjaLeU8xsSkzPtHNw%40mail.gmail.com >> >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMaHeCx4cFun1Ur%3DwwVE_J6kmhquXqjaLeU8xsSkzPtHNw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/1f67c216-7a70-493c-9750-1fb64894cf3fn%40chromium.org.
