Intent to Deprecate and Remove: [un]registerProtocolHandler() APIs in non-secure contexts

106 lượt xem
Chuyển tới thư đầu tiên chưa đọc

Eric Lawrence

chưa đọc,
11:41:19 20 thg 11, 201920/11/19
đến blink-dev
Intent to Deprecate and Remove: [un]registerProtocolHandler() APIs in non-secure contexts

Note: This is the same as https://groups.google.com/a/chromium.org/forum/#!searchin/blink-dev/intent|sort:date/blink-dev/0bfCDijaUzs/8-6en3oNBgAJ, but using the template in a new thread as requested. The original thread has 3 API Owner LGTMs.

Primary eng (and PM) emails

elaw...@chromium.org


Summary
HTML's registerProtocolHandler() gives a webpage a mechanism to register itself to handle a protocol after a user consents. For example, a web-based email application could register to handle the mailto: scheme. A corresponding unregisterProtocolHandler() API allows a site to abandon its protocol-handling registration.


A Chromium CL implementing this change is in review: 
 

Motivation
These two APIs expose a powerful capability (reconfigure client state, subsequently transmit potentially-sensitive data over the network) thus they should only be exposed in secure contexts. The same-origin restriction for the handler's URL target means that limiting protocol registration to secure contexts will also limit handlers to secure contexts.

A pull request to update the HTML specification https://github.com/whatwg/html/pull/5080 has been approved.

Interoperability and Compatibility Risk

Edge: Edge Spartan didn't have this API. Edge Anaheim is landing this change in Chromium.

Firefox: Supported, Firefox 62 removed this API from non-secure contexts: 

  https://www.fxsitecompat.dev/en-CA/docs/2018/support-for-registerprotocolhandler-on-insecure-sites-has-been-deprecated/

Safari: Protocol handling APIs are not supported. I'll try to find someone to comment here, but WebKit's bugs to implement the API are >7 years old, so it's unclear who might have as strong POV.


Alternative implementation suggestion for web developers

Use a secure context to call the API (e.g. turn on HTTPS).


Usage information from UseCounter

Metrics indicate that RegisterProtocolHandlerInsecureOrigin usage is very low (0.000559% of page loads).


Entry on the feature dashboard

https://chromestatus.com/feature/5756636801007616


Requesting approval to remove too?

“Yes”, in M80.

Chris Harrelson

chưa đọc,
15:31:57 21 thg 11, 201921/11/19
đến Eric Lawrence, blink-dev
Just for the record, the previous 3 LGTMs still stand.

Good luck shipping this removal!

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/bf53f776-a57e-46f2-97f5-ad5aa1244c1e%40chromium.org.
Trả lời tất cả
Trả lời tác giả
Chuyển tiếp
0 tin nhắn mới