Contact emails
dom...@chromium.org, wjma...@chromium.org
Explainer
https://github.com/WICG/origin-isolation/blob/master/README.md
Design docs/spec
Specification sketch: https://github.com/WICG/origin-isolation/blob/master/README .md#specification-plan
Design doc: https://docs.google.com/document/d/1B-ZT6LU8jcYP9WXaJjPnxZ8HTXXjfF11R0QItBUi1wU/edit?ts=5e825cea
TAG review
https://github.com/w3ctag/design-reviews/issues/464
Summary
Origin isolation allows web developers to opt in to giving up certain cross-origin same-site access capabilities — namely synchronous scripting via document.domain, and postMessage()ing WebAssembly.Module instances. This gives the browser more flexibility in implementation technologies. In particular, in Chrome, we will use this as a hint to put the origin in its own process, subject to resource or platform limitations.
Note that there are currently some implementation bugs in how isolation requests are respected in edge-case scenarios involving subdomains and sibling iframes. These can be worked around, and will be fixed over the course of the origin trial.
It's also worth noting that in Chromium, origin isolation restricts postMessage()ing SharedArrayBuffer and WebAssembly.Memory instances, but this was only allowed in the first place because of a specification divergence, which is being fixed as a separate effort.
Goals for experimentation
The goal for this trial is to allow partners to determine whether origin isolation provides the hoped-for performance benefits, and to see the impact of different configurations. For example, partners can provide us with real world data as to how much origin-isolating increases parallelism/improves latency, using e.g. the long tasks API.
Experimental timeline
M84-M86
Ongoing technical constraints
None
Debuggability
We hope to add a devtools warning for certain potential server misconfigurations; see https://crbug.com/1066931.
Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Yes.
Although Android (and especially Android WebView) uses different process allocation heuristics than desktop platforms, and so origin isolation may influence those heuristics differently, the JavaScript-observable effects of isolation will be the same on all platforms.
Is this feature fully tested by web-platform-tests?
Coverage is pretty good but could be better. We'll be finishing off the test coverage according to that issue over the course of the origin trial period.
Link to entry on the Chrome Platform Status
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAM0wra-hFf8xEy0KPzsCBqWaed3%3D5G9CWYPXzrrE_%2BpOws%3D2YA%40mail.gmail.com.