Intent to Ship: NDEFReader makeReadOnly()

127 views
Skip to first unread message

François Beaufort 🇫🇷

unread,
Jan 24, 2022, 8:52:26 AM1/24/22
to blink-dev

Contact emails

fbea...@google.com


Explainer

https://github.com/w3c/web-nfc/blob/gh-pages/EXPLAINER.md

https://github.com/w3c/web-nfc/pull/636


Specification

https://w3c.github.io/web-nfc/#dom-ndefreader-makereadonly

https://github.com/w3c/web-nfc/pull/632


Summary

The NDEFReader makeReadOnly() method allows web developers to make NFC tags permanently read-only with Web NFC.


Blink component

Blink>NFC


Motivation

Since we’ve shipped Web NFC in Chrome 89, developers have been asking for a way to “lock” NFC tags to prevent malicious users from overwriting their content. See https://github.com/w3c/web-nfc/issues/558
This operation is a one-way process and cannot be reversed. Once an NFC tag has been made read-only, it can't be written anymore.


Existing Web NFC restrictions apply to makeReadOnly(): It is only available to top-level frames and secure browsing contexts (HTTPS only). Origins must first request the "nfc" permission while handling a user gesture (e.g. a button click). To then make the NFC tag read-only, the web page must be visible when the user touches an NFC tag with their device, while still handling a user gesture. The browser uses haptic feedback to indicate a tap. Access to the NFC radio is blocked if the display is off or the device is locked. When a page is placed in the background, receiving and pushing NFC content is suspended.

TAG review

This small addition to the Web NFC API doesn’t seem to qualify for a TAG review. Note that the Security and Privacy section was updated based on last TAG review feedback at https://github.com/w3ctag/design-reviews/issues/461


TAG review status

Not Applicable


Risks


Interoperability and Compatibility


This small addition to the NDEFReader object does not change the overall status of Web NFC interoperability or compatibility.


Signals from other implementations (Gecko, WebKit): 


Gecko: No Signal [1]

WebKit: No Signal [1]

Web / Framework developers: Positive https://twitter.com/quicksave2k/status/1465615447806681090


[1] Both Gecko and Webkit are unlikely to object to this feature specifically, but object to the overall Web NFC API as a whole, hence it doesn't make sense to bug them with specific questions on this.


Activation:

This feature can't be polyfilled. It should be fairly trivial for developers to adopt this new feature.


Debuggability

Exposing DevTools debugging support for device-access APIs (Web NFC included) is discussed at https://bugs.chromium.org/p/chromium/issues/detail?id=1142566. For now, affordable NFC tags are required to debug Web NFC.


Is this feature fully tested by web-platform-tests?

Yes. This feature will be fully tested at https://wpt.fyi/results/web-nfc


Requires code in //chrome?

True. The permission prompt text will be updated and current NFC permissions reset so that users clearly know which permission they’re granting to websites.


Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1275576


Estimated milestones

M100


Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5700853265596416


Links to previous Intent discussions

Intent to prototype: https://groups.google.com/a/chromium.org/g/blink-dev/c/iyljeGnIct8/m/tonTVszmCAAJ

Yoav Weiss

unread,
Jan 26, 2022, 4:43:53 PM1/26/22
to blink-dev, François Beaufort
LGTM1



On Monday, January 24, 2022 at 9:52:26 AM UTC+1 François Beaufort wrote:

Contact emails

fbea...@google.com


Explainer

https://github.com/w3c/web-nfc/blob/gh-pages/EXPLAINER.md

https://github.com/w3c/web-nfc/pull/636


Specification

https://w3c.github.io/web-nfc/#dom-ndefreader-makereadonly

https://github.com/w3c/web-nfc/pull/632


Summary

The NDEFReader makeReadOnly() method allows web developers to make NFC tags permanently read-only with Web NFC.


Blink component

Blink>NFC


Motivation

Since we’ve shipped Web NFC in Chrome 89, developers have been asking for a way to “lock” NFC tags to prevent malicious users from overwriting their content. See https://github.com/w3c/web-nfc/issues/558


This seems like a needed use case from the issue comments. Thanks for tackling it!

Mike Taylor

unread,
Jan 26, 2022, 4:44:34 PM1/26/22
to Yoav Weiss, blink-dev, François Beaufort
LGTM2
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2f880809-71e1-4e30-b21f-b13d8069ead0n%40chromium.org.


mkwst via Chromestatus

unread,
Jan 26, 2022, 4:45:46 PM1/26/22
to blin...@chromium.org
LGTM2. I'm happy to see that y'all cooperated well with the security/privacy folks to land on a permission model/string that made sense, and agree with Yoav that there's reasonable evidence of desire for this functionality. -mike

chrishtr via Chromestatus

unread,
Jan 26, 2022, 4:52:58 PM1/26/22
to blin...@chromium.org
LGTM3

chrishtr via Chromestatus

unread,
Jan 26, 2022, 5:04:32 PM1/26/22
to blin...@chromium.org
LGTM3

François Beaufort

unread,
Jan 26, 2022, 5:26:03 PM1/26/22
to blink-dev, chrishtr via Chromestatus
Thank you all!

Note that this intent is for Android only, as Web NFC is available on Android only as well.
This information was captured in the chrome status entry (https://chromestatus.com/feature/5700853265596416).

On Wednesday, January 26, 2022 at 6:04:32 PM UTC+1 chrishtr via Chromestatus wrote:
LGTM3
Reply all
Reply to author
Forward
0 new messages