You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Replace same-origin Security & Privacy requirement with Permissions Policy one (#136)
This addresses a conflict that was introduced in #121:
- The presence of the Permissions Policy integration means usage of the
Device Orientation API can be allowed in third-party iframes provided that
the right tokens are in place.
- The "Security and privacy considerations" section contains a requirement
that events are fired only on child navigables that are same-origin with
the top-level traversable.
The latter was introduced in #25 and served as a stop-gap measure before
Permissions Policy integration was added.
The current implementation status is:
- Blink never implemented the same-origin requirement, but added Permissions
Policy integration in 2018.
- WebKit has always implemented Permissions Policy integration.
- Gecko implements the same-origin requirement (see Mozilla bug 1197901).
This means we can safely replace the same-origin requirement with a
requirement to support the Permissions Policy integration, as switching from
one to the other is transparent in the sense that the exact same set of
websites that worked before will continue to work with the change, as the
features we define have a default allowlist of "self".
Fixes#133
Copy file name to clipboardExpand all lines: index.bs
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -636,7 +636,7 @@ In light of that, implementations may consider visual indicators to signify the
636
636
Furthermore, to minimize privacy risks, the chance of fingerprinting and other attacks the implementations must:
637
637
638
638
* fire events only when a [=/navigable=]'s [=navigable/active document=]'s [=visibility state=] is "<code>visible</code>",
639
-
* fire events only on the [=/top-level traversable=]'s [=navigable/active window=] and [=child navigables=]' [=navigable/active windows=] whose [=relevant settings object=]'s [=environment settings object/origin=] is [=same origin=] with the [=/top-level traversable=]'s [=navigable/active window=]'s [=relevant settings object=]'s [=environment settings object/origin=].
639
+
* implement [[#permissions-policy-integration]] so that events are fired on [=child navigables=] (including but not restricted to cross-origin ones) only if allowed by the [=/top-level traversable=],
640
640
* fire events on a [=/navigable=]'s [=navigable/active windows=] only when its [=relevant settings object=] is a [=secure context=],
641
641
* limit precision of attribute values as described in the previous sections.
0 commit comments