Intent to Ship: form rel attribute

157 views
Skip to first unread message

Joey Arhar

unread,
May 3, 2022, 1:17:51 PM5/3/22
to blink-dev

Contact emails

jar...@chromium.org

Explainer

None

Specification

https://html.spec.whatwg.org/multipage/forms.html#attr-form-rel

Summary

This feature adds the "rel" attribute to form elements, which makes it possible to prevent window.opener from being present on websites navigated to by form elements which have rel=noopener and prevent the referer header from being sent with rel=noreferrer.



Blink component

Blink>Forms

TAG review



TAG review status

Not applicable

Risks



Interoperability and Compatibility

This has low interoperability risk because Safari has already shipped this feature. There are no negative signals from Firefox.



Gecko: No signal (https://bugzilla.mozilla.org/show_bug.cgi?id=1509346)

WebKit: Shipped/Shipping (https://bugs.webkit.org/show_bug.cgi?id=232243)

Web developers: No signals

Other signals:

Ergonomics

I don't think this feature will be used in tandem with other features.



Activation

I don't think it would be challenging for developers to start using this right away. I don't think it would be helpful to make a polyfill, build on top of this, or do significant outreach. This is already documented as supporting form elements on MDN: https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/rel



Security

There are no security considerations with this feature.



WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

This does not deprecate any APIs and does not have any particular risk for WebView.



Debuggability

No DevTools support will be needed.



Is this feature fully tested by web-platform-tests?

Yes

Flag name



Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=931209

Estimated milestones

103



Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).

No anticipated spec changes.

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5139812343349248

This intent message was generated by Chrome Platform Status.

Daniel Bratell

unread,
May 4, 2022, 5:48:23 AM5/4/22
to Joey Arhar, blink-dev

LGTM1

The only tangible risk I can think of is that there are sites that depend on opener but has rel=noopener in their form element. It seems unlikely and considering it's already shipped in WebKit, I think this is fine.

/Daniel

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAK6btwKLB_Uy%2BgoHtbkNdj-mqJu7Li0g6UXmMc-vRePJDYygUQ%40mail.gmail.com.

Yoav Weiss

unread,
May 4, 2022, 5:59:16 AM5/4/22
to Daniel Bratell, Joey Arhar, blink-dev
LGTM2

On Wed, May 4, 2022 at 11:48 AM Daniel Bratell <brat...@gmail.com> wrote:

LGTM1

The only tangible risk I can think of is that there are sites that depend on opener but has rel=noopener in their form element. It seems unlikely and considering it's already shipped in WebKit, I think this is fine.

/Daniel

On 2022-05-03 19:17, Joey Arhar wrote:

Contact emails

jar...@chromium.org

Explainer

None

Specification

https://html.spec.whatwg.org/multipage/forms.html#attr-form-rel

Summary

This feature adds the "rel" attribute to form elements, which makes it possible to prevent window.opener from being present on websites navigated to by form elements which have rel=noopener and prevent the referer header from being sent with rel=noreferrer.



Blink component

Blink>Forms

TAG review



TAG review status

Not applicable

Risks



Interoperability and Compatibility

This has low interoperability risk because Safari has already shipped this feature. There are no negative signals from Firefox.



Gecko: No signal (https://bugzilla.mozilla.org/show_bug.cgi?id=1509346)
Can you open a Mozilla position to let them know this is shipping in Chromium? 

mkwst via Chromestatus

unread,
May 4, 2022, 9:04:57 AM5/4/22
to blin...@chromium.org
LGTM3.

Joey Arhar

unread,
May 5, 2022, 2:31:51 PM5/5/22
to mkwst via Chromestatus, blin...@chromium.org
> Can you open a Mozilla position to let them know this is shipping in Chromium?


On Wed, May 4, 2022 at 6:04 AM mkwst via Chromestatus <admin...@cr-status.appspotmail.com> wrote:
LGTM3.

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/00000000000053ad5305de2f4534%40google.com.
Reply all
Reply to author
Forward
0 new messages