Intent to Prototype: Realms Initialization Control


Chromestatus

Aug 28, 2024, 5:49:53 AM
to blin...@chromium.org, weizm...@gmail.com, yoav....@shopify.com

Contact emails

weizm...@gmail.com, yoav....@shopify.com

Explainer

https://github.com/WICG/Realms-Initialization-Control

Specification

https://github.com/WICG/Realms-Initialization-Control

Summary

Support a new CSP directive which points to a remote (first party) script file to be loaded before any other JavaScript code within every child realm that shares an origin with the top realm of a website (such as same origin iframes and popups). This allows websites to regain control over which capabilities such a realm exposes to untrusted entities living within the website and thus allow them to tame and control it.



Blink component

Blink

Motivation

The web is a great platform for creating composable software, but not to do so securely - the environment and the APIs available make it extremely difficult for applications to contain a program without having to trust it, especially when interacting with the DOM. Unfortunately, securing a supply chain - telling good code from bad code within the dependencies from which an application is composed - is very hard. This is evident from the prevalence of services focused on detecting threats both before they get baked into an application (at build-time) and while being executed on the fly (at runtime). One way to approach this problem at runtime is by virtualization - redefining JavaScript capabilities (commonly known as monkey patching) to behave similarly while hardening them to limit how they can be used. However, due to some characteristics of how the web is designed, there are some major blockers in fully unleashing the power of virtualization in favor of introducing runtime security. One of those blockers is the lack of control web applications have over safe introduction of same origin realms into their execution environment at runtime. The motivation behind this proposal is to remove this blocker by providing developers a way to control the initialization of same origin realms to tame access to powerful capabilities those leak.



Initial public proposal

https://github.com/WICG/Realms-Initialization-Control

TAG review

None

TAG review status

Pending

Risks



Interoperability and Compatibility

None



Gecko: No signal

WebKit: No signal

Web developers: No signals

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None



Debuggability

None



Is this feature fully tested by web-platform-tests?

No

Flag name on chrome://flags

None

Finch feature name

None

Non-finch justification

None

Requires code in //chrome?

True

Estimated milestones

No milestones specified



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5080729822953472?gate=5143912415756288

This intent message was generated by Chrome Platform Status.
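
Added example, not part of the original thread or the proposal's own code: a Node.js model of the gap described under Motivation, using `vm` contexts as stand-ins for same-origin realms. The `send` capability, the `app.example` origin and the init script are assumptions made for illustration; the actual directive syntax is defined in the explainer.

```javascript
const vm = require('node:vm');

// Model: every realm gets its own pristine copy of a powerful capability.
// `send` is a constructed stand-in for a network API; `sent` records what
// actually left the page.
function newRealm(sent, initScript) {
  const realm = vm.createContext({
    send: (url) => { sent.push(url); return 'sent'; },
  });
  // The proposal's guarantee, modelled here: the init script runs before
  // any other code in the realm.
  if (initScript) vm.runInContext(initScript, realm);
  return realm;
}

// Hypothetical first-party init script: virtualizes `send` so that only
// requests to the app's own origin go through.
const INIT_SCRIPT = `
  (() => {
    const nativeSend = send;
    globalThis.send = (url) =>
      url.startsWith('https://app.example/') ? nativeSend(url) : 'blocked';
  })();
`;

// Constructed third-party code making an off-origin request.
const UNTRUSTED = "send('https://other.example/collect')";

function run(initEveryRealm) {
  const sent = [];
  const top = newRealm(sent, INIT_SCRIPT); // the app hardens its own realm
  // A same-origin child realm (iframe, popup) created later at runtime.
  const child = newRealm(sent, initEveryRealm ? INIT_SCRIPT : null);
  return {
    top: vm.runInContext(UNTRUSTED, top),
    child: vm.runInContext(UNTRUSTED, child),
    firstParty: vm.runInContext("send('https://app.example/api')", child),
    sent,
  };
}

console.log(run(false)); // child realm is unpatched
console.log(run(true));  // init script ran first in the child as well
```

Without per-realm initialization the hardening applied in the top realm does not reach the child realm; with it, the same policy holds in both while first-party requests still pass.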

Gal Weizman

Aug 28, 2024, 12:41:20 PM
to blink-dev, Chromestatus, weizm...@gmail.com, yoav....@shopify.com
Correction: "Requires code in //chrome?" is False, not True (my mistake)

Requires code in //chrome? False

Kanaru Sato

Aug 29, 2024, 9:53:28 AM
to blink-dev, Gal Weizman, Chromestatus, yoav....@shopify.com
Hi there,

I'm an independent contributor interested in this feature.

I'm really eager to get involved with the implementation of it or contribute in other ways.
Could you please tell me if it's possible? I've just fixed a few bugs for Blink and I might not fully understand all the rules about "Intent to" yet.

If it's not possible at this point, could you guide me on how I could get involved in the implementation of new features like this in the future?
Any advice would be greatly appreciated :)

Kanaru Sato

Aug 29, 2024, 9:53:28 AM
to blink-dev, Gal Weizman, Chromestatus, yoav....@shopify.com
Hi there,

I'm an independent contributor interested in this feature.

I'm really eager to get involved with the implementation of the feature or contribute in other ways.
Could you please tell me if it's possible?
I've just fixed a few bugs for Blink, and I might not fully understand all the rules about "Intent to" yet.

If it's not possible at this point, could you please guide me on how I could get involved in the implementation of new features like this in the future?
Any advice would be greatly appreciated :)

Eli Grey

Aug 29, 2024, 7:03:49 PM
to blink-dev, Kanaru Sato, Gal Weizman, Chromestatus, yoav....@shopify.com
It would be great if this API could cover all same-origin realm creation sources, including workers and worklets, if possible. That enables much more comprehensive use cases with less unexpected behavior for web content authors.
This email may be confidential or privileged. If you received this communication by mistake, please don't forward it to anyone else, please erase all copies and attachments, and please let me know that it went to the wrong person. Thanks.

Eli Grey

Aug 30, 2024, 11:12:20 AM
to blink-dev, Chromestatus, weizm...@gmail.com, yoav....@shopify.com
(You can ignore the confidentiality notice in that last message.)