<object> element can tell whether child document loaded or not

[antosart]

The <iframe> element always fires a load event, protecting from the parent the information whether the child document loaded correctly.

However, the <object> element fires either load or error, depending on whether the child document loaded correctly. Should that behave like <iframe> instead, so that the information does not leak?

On top of that, <object> supports fallback rendering of its inlined content in case embedding the object data failed. That can also leak the same information.

[annevk]

Yeah, I think we generally want to make it behave more like iframe. There's a couple of issues on that already.

[domenic]

I'm adding a use counter for how often fallback occurs; we should have data from stable channel around March 7th.

[domenic]

Results from stable are in. I'm not sure why they're not showing up on ChromeStatus (seems like a bug with ChromeStatus infrastructure) but across various platforms they vary from ~0.002% of page views to ~0.009% of page views. (Android WebView is thankfully among the lowest, which is good because it is often an outlier in the opposite direction.)

Combined with the fact that the behavior if we remove this is probably not to terrible, I am optimistic about a removal. @antosart and/or @mfreed7, do you think this is something your teams would be willing to cautiously try, from the Chrome side? I would be happy to help with the spec.

[domenic]

Oh, no, I misunderstood how to use our internal tools. It looks like this is more like between 0.08% and 1.15% depending on platform. That is much less optimistic.

I'd still like to do this, but I suspect the rollout process could be more involved, with stuff like a deprecation trial, enterprise policy, etc.

It's possible that nothing will break too badly, as displaying an empty 300x150 box is not necessarily that much worse than displaying "Your computer doesn't have Silverlight, please install it from [link]". But you can imagine that breaking layouts, for sure.

[annevk]

cc @farre

[domenic]

I will not be available at the upcoming triage meeting to discuss this or #4592, but will leave them tagged in case the group wants to discuss without me; I don't think my presence is critical.

[domenic]

The data here shows about 0.8% usage: https://chromestatus.com/metrics/feature/timeline/popularity/4102

Inspecting the top 4 sites from HTTPArchive shows:

• 2 Flash <object>s which fall back to <embed>s which end up displaying "Flash is not supported". Removing them would slightly change the layout. This could maybe be mitigated with an object { display: block; } in the UA stylesheet since they do all have width="" and height="" attributes.
• 1 site where the only <object>s are used for images, which should probably not be triggering this use counter? Either a use counter bug, or the page has changed, or...
• 1 site where the <object> is falling back to an <img> that looks like a pretty intentional part of the site design
• 1 site where <object> has no attributes and seems to be being used as a <span>

Overall I'm not too optimistic about full removal of fallback behavior, and thus simplifying <object> to behave like <iframe>. I think it's doable, with concerted significant effort and communications, if @antosart or someone else wants to drive it. Maybe it's worth it, for security reasons. But it will cause decent amounts of web developer pain.

At first I thought there might be a less ambitious thing you could attempt, based on keeping the layout the same, but I realized that doesn't help: the moment you process fallback content, you are open to leaking information through other non-layout channels, like fetches.

[antosart]

Thanks for the analysis! I agree that given the data it seems ambitious to get rid of <object>. I am not working directly on these topics anymore, so I'll cc @camillelamy fyi.