Contact emails cl...@google.com
Explainer https://github.com/WICG/document-isolation-policy/blob/main/README.md Specification https://wicg.github.io/document-isolation-policy Summary Document-Isolation-Policy allows a document to enable crossOriginIsolation for itself, without having to deploy COOP or COEP, and regardless of the crossOriginIsolation status of the page. The policy is backed by process isolation. Additionally, the document non-CORS cross-origin subresources will either be loaded without credentials or will need to have a CORP header. Blink component Blink>SecurityFeature TAG review https://github.com/w3ctag/design-reviews/issues/995 TAG review status Pending Origin Trial Name Document Isolation Policy Chromium Trial Name DocumentIsolationPolicy Origin Trial documentation link https://github.com/WICG/document-isolation-policy WebFeature UseCounter name kDocumentIsolationPolicyRequireCorp Risks Interoperability and Compatibility None Gecko: No signal (https://github.com/mozilla/standards-positions/issues/1074) WebKit: Negative (https://github.com/WebKit/standards-positions/issues/399) Safari is concerned about our first version of the API for Android, which would have us not provide access to crossOriginIsolation-gated API on very low end devices. We have revised this plan, and plan to launch on low end Android as well. Web developers: Positive (https://github.com/WICG/proposals/issues/145) See the initial WICG proposal. We've also been in touch with developers at Google and Microsoft who think the proposed API will allow them to use Shared-Array-Buffers. Gmail, Google Meet and Zoom have experimented the feature during Origin Trial. While they still have work to do to fully roll it out, they now see deploying crossOriginIsolation as possible. Deploying crossOriginIsolation using COOP and COEP was previously impossible for them. Other signals: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? We have no plans on launching the feature in Android WebView in the foreseeable future due to lack of process isolation in Android WebView. Debuggability None Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)? No We are planning to launch in M137 on desktop only (ChromeOS, Linux, Windows, MacOS). Android requires more development work due to the different process allocation model. We will add support on Android as soon as possible. However, we'd like to launch for desktop as soon as possible to help developers currently in the ungated SAB reverse origin trial get off the deprecation OT. Support on Android WebView is not possible due to the lack of process isolation. Is this feature fully tested by web-platform-tests? Yes https://wpt.fyi/results/html/document-isolation-policy?label=experimental&label=master&aligned Flag name on about://flags None Finch feature name DocumentIsolationPolicy Rollout plan Will ship enabled for all users Requires code in //chrome? False Tracking bug https://g-issues.chromium.org/issues/333029146 Availability expectation As of now, other browser vendors have not given us signals that they plan to implement this. Adoption expectation Gmail, Google Meet and Zoom are interested in rolling out the feature to gain access to SharedArrayBuffers. They will need a bit more work, but we expect that they will be rolling it out in the next 12 months. Estimated milestones Shipping on desktop 137 Origin trial desktop first 132 Origin trial desktop last 134 Origin trial extension 1 end milestone 136 Anticipated spec changes Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (eg links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (eg, changing to naming or structure of the API in a non-backward-compatible way). None Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5141940204208128?gate=5070133686173696 Links to previous Intent discussions Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohS%2BzyOX6amnva6t_HBsXPXAFoZEri7A78ka7-OwA66B%3Dmw%40mail.gmail.com Intent to Experiment: https://groups.google.com/a/chromium.org/g/blink-dev/c/p52-T7m3rOM?e=48417069 Intent to Extend Experiment 1: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/67a63f67.2b0a0220.2908d.02b2.GAE%40google.com This intent message was generated by Chrome Platform Status. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/67ffaf02.170a0220.1ae3c6.04ef.GAE%40google.com.
