Intent to Prototype and Ship: Permissions Policy for Web Bluetooth API


Gabriel Brito

Apr 18, 2022, 11:47:47 AM
to blin...@chromium.org, Steve Becker, Jungkee Song

Hi,

 

Hope you are doing well. We would like to request approval for this feature. Thank you in advance!

 

 

Contact emails

gabrie...@microsoft.com

Explainer

https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy

Specification

https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy

Summary

Integrates the Web Bluetooth API with Permissions Policy, which should be identified by the "bluetooth" token. The Web Bluetooth API allows webpages to communicate with devices over Bluetooth. However, this API is not allowed to be used from cross-origin iframes. This integration enables this scenario while providing protection against unwanted access to Bluetooth capabilities, which requires the top-level document to explicitly allow a cross-origin iframe to use the API's methods.



Blink component

Blink>Bluetooth

Risks



Interoperability and Compatibility

Low interoperability risks, since it is an integration of the Web Bluetooth API with Permissions Policy, which is already widely adopted. Also not explicitly allowing an iframe to use bluetooth with allow="bluetooth" won't affect the current behavior.



Gecko: No signal

WebKit: No signal

Web developers: Positive (https://bugs.chromium.org/p/chromium/issues/detail?id=518042)

Other signals:

Ergonomics

No anticipated ergonomic risks.


Activation

If developers would like to provide access to Web Bluetooth to cross-origin trusted iframes, they just need to add allow="bluetooth" to it.


Security

This integration makes the Web Bluetooth API more secure while keeping the current behavior and adding more capabilities to it.


WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

No. Web Bluetooth is not available in WebView.



Debuggability

N/A (No DevTools support needed)



Is this feature fully tested by web-platform-tests?

Yes

Flag name

No flag.

Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=518042

Estimated milestones

No milestones specified



Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/6439287120723968
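
The delegation described under Summary and Activation can be audited from the embedder's side. The following is an added example, not part of the original thread or of Chromium's code: it takes a constructed list of iframes (the `example` hosts and the helper names are assumptions) and reports the cross-origin frames whose `allow` attribute delegates the "bluetooth" feature. It evaluates only the `allow` attribute and does not model a `Permissions-Policy` response header on the top-level document.

```javascript
// Parse an iframe `allow` attribute into { feature: [allowlist tokens] }.
function parseAllow(allowAttr) {
  const policy = {};
  for (const directive of (allowAttr || "").split(";")) {
    const [feature, ...values] = directive.trim().split(/\s+/).filter(Boolean);
    if (!feature) continue;
    // In the allow attribute, a feature listed without an allowlist means 'src'.
    policy[feature.toLowerCase()] = values.length ? values : ["'src'"];
  }
  return policy;
}

// Decide whether a frame's allow attribute delegates "bluetooth" to the origin it loads.
function bluetoothDelegation(frame, embedderOrigin) {
  const frameOrigin = new URL(frame.src, embedderOrigin).origin;
  const allowlist = parseAllow(frame.allow).bluetooth || [];
  const delegated = allowlist.some((token) => {
    if (token === "*") return true;
    if (token === "'none'") return false;
    if (token === "'src'") return true; // origin of the src attribute itself
    if (token === "'self'") return frameOrigin === embedderOrigin;
    try { return new URL(token).origin === frameOrigin; } catch { return false; }
  });
  return { src: frame.src, frameOrigin, crossOrigin: frameOrigin !== embedderOrigin, delegated };
}

// Report only cross-origin frames that were explicitly handed the feature.
// Cross-origin frames without a matching allow entry stay blocked, as before.
function auditFrames(frames, embedderOrigin) {
  return frames
    .map((f) => bluetoothDelegation(f, embedderOrigin))
    .filter((r) => r.crossOrigin && r.delegated);
}

// Constructed sample input: frames found on a page served from https://shop.example
const SAMPLE_FRAMES = [
  { src: "https://devices.example/pair", allow: "bluetooth" },
  { src: "https://ads.example/banner", allow: "camera; microphone" },
  { src: "/local-widget", allow: "bluetooth" },
  { src: "https://cdn.example/x", allow: "bluetooth https://other.example" },
  { src: "https://partner.example/ui", allow: "fullscreen; bluetooth *" },
  { src: "https://tracker.example/t" },
];

for (const r of auditFrames(SAMPLE_FRAMES, "https://shop.example")) {
  console.log(`bluetooth delegated to cross-origin frame: ${r.frameOrigin}`);
}
```
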

Yoav Weiss

Apr 21, 2022, 1:36:35 AM
to blink-dev, Gabriel Brito, ste...@microsoft.com, jungke...@microsoft.com
LGTM1

On Monday, April 18, 2022 at 5:47:47 PM UTC+2 Gabriel Brito wrote:

Hi,

 

Hope you are doing well. We would like to request approval for this feature. Thank you in advance!

 

 

Contact emails

gabrie...@microsoft.com

Explainer

https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy

Specification

https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy

Worth mentioning the processing model which uses that new keyword. 

Also seems worth mentioning the TAG review requirement and why it's not applicable in this case. I tend to agree that it's an overkill, as adding a permission policy gate here is a well-known pattern.
 

Summary

Integrates the Web Bluetooth API with Permissions Policy, which should be identified by the "bluetooth" token. The Web Bluetooth API allows webpages to communicate with devices over Bluetooth. However, this API is not allowed to be used from cross-origin iframes. This integration enables this scenario while providing protection against unwanted access to Bluetooth capabilities, which requires the top-level document to explicitly allow a cross-origin iframe to use the API's methods.



Blink component

Blink>Bluetooth

Risks



Interoperability and Compatibility

Low interoperability risks, since it is an integration of the Web Bluetooth API with Permissions Policy, which is already widely adopted. Also not explicitly allowing an iframe to use bluetooth with allow="bluetooth" won't affect the current behavior.



Gecko: No signal

Negative is more accurate:  


WebKit: No signal

Similarly, a negative signal is more appropriate. 

Mike Taylor

Apr 25, 2022, 1:04:32 PM
to Yoav Weiss, blink-dev, Gabriel Brito, ste...@microsoft.com, jungke...@microsoft.com
LGTM2


mkwst via Chromestatus

Apr 27, 2022, 10:51:10 AM
to blin...@chromium.org
LGTM3.

jmedley via Chromestatus

Apr 27, 2022, 2:11:25 PM
to blin...@chromium.org
Which version of Chrome are you hoping to ship in?