FYI: Out-of-process iframes are now enabled (via --isolate-extensions)


Charlie Reis

Sep 19, 2016, 3:39:57 PM
to blink-dev
TL;DR: OOPIFs are now possible in M55 on Win/Mac/Linux/ChromeOS, for isolating web content from extensions.  They are also enabled for 50% of M54 Beta users.

In case you haven't seen it in our OOPIF status emails, we have enabled --isolate-extensions mode by default in M55.  This means that Chrome will use out-of-process iframes (OOPIFs) to put web iframes in a separate process from an extension parent frame, and vice versa.  This affects Windows, Mac, Linux, and ChromeOS, but not yet Android.  50% of M54 Beta users on these platforms also have this mode enabled.

This is a big step forward for security, and it represents the first uses of OOPIFs after a long effort to update Chrome's architecture and features.  Our team is continuing to update features and fix bugs as we prepare to use OOPIFs for more use cases, including GuestViews (e.g., <webview>), evaluating --top-document-isolation mode, and ultimately Site Isolation.

If you've been putting off work to update your feature to handle OOPIFs, now is the time.  :)  Our Site Isolation team is happy to help guide you with the things we've learned so far.

Charlie Reis and the Site Isolation Team
(Also posted to chromium-dev)

Charlie Reis

Dec 5, 2016, 4:52:57 PM
to blink-dev
TL;DR: --isolate-extensions mode was delayed to M56.

Back in September, we announced that we switched --isolate-extensions on by default in M55, representing the first uses of out-of-process iframes (OOPIFs).  Before the M54 Finch trial reached Chrome Stable, though, we discovered some issues that caused us to delay our launch to M56 and switch back the default.

We have now added OOPIF support for drag and drop, added the ability to print an OOPIF, and fixed a handful of other issues.  Our Finch trial is still active for 50% of Chrome Beta (M55, soon to be M56), 90% of Chrome Dev (M56, soon to be M57) and 90% of Chrome Canary.  It's on track to reach Chrome Stable in M56.

For those of you testing on trunk, --isolate-extensions is off by default for the moment, but the Site Isolation Win FYI bot provides test coverage for it.  We'll send an update when we switch it back to on by default.

Thanks!
Charlie Reis and the Site Isolation Team
