https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy
https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy
Integrates the Web Bluetooth API with Permissions Policy, which should be identified by the "bluetooth" token. The Web Bluetooth API allows webpages to communicate with devices over Bluetooth. However, this API is not allowed to be used from cross-origin iframes. This integration enables this scenario while providing protection against unwanted access to Bluetooth capabilities, which requires the top-level document to explicitly allow a cross-origin iframe to use the API's methods.
Low interoperability risks, since it is an integration of the Web Bluetooth API with Permissions Policy, which is already widely adopted. Also not explicitly allowing an iframe to use bluetooth with allow="bluetooth" won't affect the current behavior.
Gecko: No signal
WebKit: No signal
Web developers: Positive (https://bugs.chromium.org/p/chromium/issues/detail?id=518042)
Other signals:
No anticipated ergonomic risks.
If developers would like to provide access to Web Bluetooth to cross-origin trusted iframes, they just need to add allow="bluetooth" to it.
This integration makes the Web Bluetooth API more secure while keeping the current behavior and adding more capabilities to it.
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
No. Web Bluetooth is not available in WebView.
N/A (No DevTools support needed)
Yes
No flag.
False
https://bugs.chromium.org/p/chromium/issues/detail?id=518042
No milestones specified
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
Hi,
Hope you are doing well. We would like to request approval for this feature. Thank you in advance!
Contact emails
Explainer
https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy
Specification
https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy
Summary
Integrates the Web Bluetooth API with Permissions Policy, which should be identified by the "bluetooth" token. The Web Bluetooth API allows webpages to communicate with devices over Bluetooth. However, this API is not allowed to be used from cross-origin iframes. This integration enables this scenario while providing protection against unwanted access to Bluetooth capabilities, which requires the top-level document to explicitly allow a cross-origin iframe to use the API's methods.
Blink component
Risks
Interoperability and Compatibility
Low interoperability risks, since it is an integration of the Web Bluetooth API with Permissions Policy, which is already widely adopted. Also not explicitly allowing an iframe to use bluetooth with allow="bluetooth" won't affect the current behavior.
Gecko: No signal
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/929c4b63-a112-4522-8243-7e4b26e85555n%40chromium.org.