On Wed, Jul 18, 2018 at 5:31 PM, Boris Zbarsky <bzbar...@mit.edu> wrote:
> If the intent is that the default behavior is to speak http, what are the
> committee's thoughts on things like sandboxing, spectre mitigations,
> process-per-origin, etc?
>
> This last is particularly concerning in terms of API surface, because
> interfacing with a multiprocess embedded browser might be quite different
> from interfacing with a single-process one...

As the proposal doesn't address this explicitly, I can only speculate
(no pun intended) as to the author's intentions, but I would assume
that the web platform implementation's usual policies would apply;
that is, if its policy is to spin up a new process for every origin,
then it will do so when used via web_view as well. (Of course, library
vendors may expose vendor- or platform-specific ways to tweak the
behaviour of the implementation (think "flipping prefs") if there's
demand for that.)

The proposal hasn't been presented to the committee yet, so I can't
speak to the committee's thoughts either, but I predict that there
would be opposition to a design that fundamentally lacks security
protections that would be present when using the web platform
implementation in a usual browser context.

Cheers,
Botond
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
