On Wed, Jul 18, 2018 at 5:31 PM, Boris Zbarsky <bzbar...@mit.edu> wrote:
> If the intent is that the default behavior is to speak http, what are the
> committee's thoughts on things like sandboxing, spectre mitigations,
> process-per-origin, etc?
> This last is particularly concerning in terms of API surface, because
> interfacing with a multiprocess embedded browser might be quite different
> from interfacing with a single-process one...

As the proposal doesn't address this explicitly, I can only speculate
(no pun intended) as to the author's intentions, but I would assume
that the web platform implementation's usual policies would apply;
that is, if its policy is to spin up a new process for every origin,
then it will do so when used via web_view as well. (Of course, library
vendors may expose vendor- or platform-specific ways to tweak the
behaviour of the implementation (think "flipping prefs") if there's
demand for that.)

The proposal hasn't been presented to the committee yet, so I can't
speak to the committee's thoughts either, but I predict that there
would be opposition to a design that fundamentally lacks security
protections that would be present when using the web platform
implementation in a usual browser context.

dev-platform mailing list

Reply via email to