-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dividing features across different types of policies #296
Comments
Will these different feature-types be getting different:
|
The most compelling insight from this table, I think, is that delegation and sandboxing are two different domains, and that if we're looking at splitting FP into different mechanisms, that seems like a clear distinction that we can make. Delegation matches the existing spec quite well, and if we were to focus it on just that use case, we could probably trim it down a bit, too. I'm just working on an actual proposal, but I would suggest:
|
Closing with the introduction of Document Policy; the document/full sandboxing features listed in the initial description are all movable to that mechanism (I'll open a separate issue for SyncXHR) |
As per https://github.com/w3c/webappsec-feature-policy/issues/282#issuecomment-486267212 the idea is to divide features across different policies. Here's an initial take on that using https://github.com/w3c/webappsec-feature-policy/blob/master/features.md as source:
Existing features
accelerometer
ambient-light-sensor
autoplay
camera
document-domain
fullscreen
gyroscope
magnetometer
microphone
midi
picture-in-picture
sync-xhr
usb
wake-lock
xr
Proposed features
encrypted-media
geolocation
payment
speaker
Experimental features
document-write
font-display-late-swap
layout-animations
lazyload
legacy-image-formats
oversized-images
sync-script
unoptimized-images
unsized-media
vertical-scroll
serial
(I'm not entirely sure about all of these, let's try to keep this comment updated as we reach firmer conclusions on each of them.)
The text was updated successfully, but these errors were encountered: