Web-Facing Change PSA: Permission policies for Direct Sockets API in Isolated Web Apps

6 views
Skip to first unread message

Bhaskar Sharma

unread,
11:19 AM (5 hours ago) 11:19 AM
to blin...@chromium.org
Contact emails

Specification

Summary

The "direct-sockets-private" blanket permission policy in Isolated Web Apps is being replaced by the more granular "local-network" and "loopback-network" permission policies.

Connecting via TCP direct sockets or UDP direct sockets in connected mode will now require specific permission policies based on the target address space:

  - Connecting to addresses within the local network address space requires the "local-network" permission policy.
  - Connecting to addresses within the loopback network address space requires the "loopback-network" permission policy.

For UDP direct sockets in bound mode, the requirements are more stringent: both the "local-network" and "loopback-network" permission policies are required regardless of the specific address being utilized.

Blink component

Blink>Network>Direct Sockets

Risks

Interoperability and Compatibility

Gecko & WebKit: No signal. Direct Sockets are only available on Isolated Web Apps which are only available on ChromeOS.

Web developers: Update "direct-sockets-private" permission policy with the relevant "local-network" and "loopback-network" permission policies in Isolated Web Apps Manifests.

Debuggability

No information provided

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?

No. Only ChromeOS.

Estimated milestones
Shipping on ChromeOS151

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/6046077976444928


Reply all
Reply to author
Forward
0 new messages