Update: default Permissions-Policy to remain *

已查看 3,422 次
跳至第一个未读帖子

Maud Nalpas

未读,
2023年3月2日 09:46:282023/3/2
收件人 Attribution Reporting API announcements

Hi API testers,

In order to easen API usage even after the testing phase, the default allowlist for the Attribution Reporting API Permissions-Policy will remain *. This means that no explicit Permissions-Policy will be needed on cross-origin iframes. By default, the Attribution Reporting API will be enabled in these frames.
We're continuing to investigate permissions policy changes that would support the ecosystem while retaining some level of opt-in. Your input on this is welcome.

Note: this essentially means that the change announced for Chrome 106 on Permissions-Policy—that is, the current behavior in Chrome—will remain.


Documentation
Review the updated Handbook > Permissions section for details.

What should you do?

  • No code changes are needed.
  • If you had plans to work with publishers and DSPs to add the policy as initially recommended, you don't need to anymore.
  • You should still feature-detect the API, in case the embedding site explicitly disallows the API.
  • You can safely ignore DevTools hints to add the Permissions-Policy for the future; we're currently removing these.

回复全部
回复作者
转发
0 个新帖子