Dear WebKit folks,

We (Chromium) are adding support to use WebOTP API <>in
cross-origin iframes. As part of that we're interested in WebKit opinions
around this API.

In general WebKit and Chromium agree on the SMS format that is used in a
SMS verification process. The specification
<> editors are from Apple and
Google. On the format front, WebKit raised the initial request
<> of using
sms-one-time-code in nested frames to support third party or a separate
service run by the same party. Cross-origin iframe support was included in
the launch of the declarative API.

The difference is that Chromium uses this SMS format in an imperative API
and that is WebOTP. WebKit's position in this API was "neutral" when we
first launched it in M84. We'd like to get your fresh opinion around this
API and the support in cross-origin iframes.

Some useful links:
Chrome Platform Status
Specification <>
Design doc
TAG <>


webkit-dev mailing list

Reply via email to