Intent to Experiment: Document-Isolation-Policy

259 views
Skip to first unread message

Chromestatus

unread,
Oct 30, 2024, 10:22:27 AMOct 30
to blin...@chromium.org, cl...@google.com

Contact emails

cl...@google.com

Explainer

https://github.com/WICG/document-isolation-policy/blob/main/README.md

Specification

https://wicg.github.io/document-isolation-policy

Summary

Document-Isolation-Policy allows a document to enable crossOriginIsolation for itself, without having to deploy COOP or COEP, and regardless of the crossOriginIsolation status of the page. The policy is backed by process isolation. Additionally, the document non-CORS cross-origin subresources will either be loaded without credentials or will need to have a CORP header.



Blink component

Blink>SecurityFeature

TAG review

https://github.com/w3ctag/design-reviews/issues/995

TAG review status

Pending

Risks



Interoperability and Compatibility

None



Gecko: No signal (https://github.com/mozilla/standards-positions/issues/1074)

WebKit: No signal (https://github.com/WebKit/standards-positions/issues/399)

Web developers: Positive (https://github.com/WICG/proposals/issues/145) See the initial WICG proposal. We've also been in touch with developers at Google and Microsoft who think the proposed API will allow them to use Shared-Array-Buffers.

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None



Goals for experimentation



Ongoing technical constraints

None.



Debuggability

None



Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?

No

Our Origin Trial will only be supported on Windows, Mac and Linux at first, as support on Android requires more development work due to the different process allocation model. We will add support on Android as soon as possible. Support on Android WebView is not possible due to the lack of process isolation.



Is this feature fully tested by web-platform-tests?

Yes

https://wpt.fyi/results/html/document-isolation-policy?label=experimental&label=master&aligned



Flag name on chrome://flags

None

Finch feature name

DocumentIsolationPolicy

Requires code in //chrome?

False

Tracking bug

https://g-issues.chromium.org/issues/333029146

Estimated milestones

Origin trial desktop first 132
Origin trial desktop last 134


Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5141940204208128?gate=5088057557778432

Links to previous Intent discussions

Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohS%2BzyOX6amnva6t_HBsXPXAFoZEri7A78ka7-OwA66B%3Dmw%40mail.gmail.com


This intent message was generated by Chrome Platform Status.

uazo

unread,
Oct 31, 2024, 3:56:13 AMOct 31
to blink-dev, Chromestatus, cl...@google.com
> Tracking bug

Could you kindly make the bugid visible?
thank you!

Mike Taylor

unread,
Oct 31, 2024, 1:16:37 PMOct 31
to cl...@google.com, Chromestatus, blink-dev

LGTM to experiment from 132 to 134 inclusive.

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2862bb57-5bac-46e9-86b6-4294083fb8a5n%40chromium.org.
Reply all
Reply to author
Forward
0 new messages