Feature Policy to Enforce/Avoid Feature Policy Propagation to Auxiliary Contexts #264

Open
ehsan-karamad opened this issue Dec 20, 2018 · 0 comments

Comments

@ehsan-karamad
Contributor

There are ongoing discussions in #252 on how feature policies should be inherited by nested frames and opened windows. Considering the sandbox model as a relevant model that could be used for feature policy inheritance (at least for some features), we should perhaps consider using something similar to the flag allow-popups-to-escape-sandbox.

The pull request in #259 proposes a model similar to sandbox for feature policies which proposes rel='noopener' as the method of escaping parent policies (the current draft spec for feature policy does not mention auxiliary browsing contexts yet).

I think we should also consider adding a new feature policy, say popups-escape-policies, which will behave similarly to allow-popups-to-escape-sandbox for sandboxed frames, except that the policy is applied to all frames and eventually, with moving sandbox flags to feature policies, this policy will replace the sandbox flag.

aarongable pushed a commit to chromium/chromium that referenced this issue Feb 19, 2019
This CL introduces the "inherited opener feature policies". This
includes the logic to propagate feature policy states from a browsing
context to the auxiliary browsing contexts.

As the first step (and hidden behind flag) all the feature policies
will be inherited by the auxiliary browsing context. The only exception
is when the original context is sandboxed but allows popups to escape
sandbox.

The inheritance model will be fine tuned in further work. Firstly, not
all features might follow this "sandbox-like" inheritance model. Also
possibly through introducing a new Feature Policy (that replicates
'allow-popups-to-escape-sandbox') and special casing "rel='noopener'"
there will be exit doors for the open contexts to *not* inherit the
policies.

These issues are currently publicly being tracked here:

w3c/webappsec-permissions-policy#264
w3c/webappsec-permissions-policy#252
w3c/webappsec-permissions-policy#259

Bug: 774620
Change-Id: Ic0b5ab8155c2e5d786bc51d3f9c3a601f7e4d8e9
Reviewed-on: https://chromium-review.googlesource.com/c/1384992
Reviewed-by: Ehsan Karamad <[email protected]>
Reviewed-by: Mike West <[email protected]>
Reviewed-by: Ian Clelland <[email protected]>
Reviewed-by: Nasko Oskov <[email protected]>
Commit-Queue: Ehsan Karamad <[email protected]>
Cr-Commit-Position: refs/heads/master@{#633452}