Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Use IDL to control if feature is exposed #33

Merged
merged 11 commits into from
Aug 26, 2016
Merged

[WIP] Use IDL to control if feature is exposed #33

merged 11 commits into from
Aug 26, 2016

Conversation

igrigorik
Copy link
Member

@igrigorik igrigorik commented Aug 15, 2016
edited
Loading

@igrigorik igrigorik mentioned this pull request Aug 15, 2016
Closed
This was referenced Aug 15, 2016
Closed
Closed
Closed
@igrigorik
Copy link
Member Author

@raymeskhoury @clelland ptal. any red flags so far?

@clelland
Copy link
Collaborator

I think this is looking good -- I'm still thinking about the defaults matrix, but it's making more sense.

Also, you should be able to apply the [Feature] IDL attribute to an entire partial interface if you want to, rather than just the individual members; it doesn't make much difference here, but if there were a larger interface then it would make it clear that the whole thing is a single 'feature' for FP purposes.

@igrigorik
add 'usermedia' and 'webrtc' features
97243cf 
'usermedia' controls access to NavigatorUserMedia interface and defaults
to enabled by default for top-level browsing context. Nested contexts
are default off; top-level browsing context must explicitly enable
access to this feature.

'webrtc' controls access to RTCPeerConnection interface and defaults to
enabled by default for top-level and nested browsing contexts. Because
access to this interface is required to get access to data channels,
those are implicitly controlled by this keyword as well (as well as all
other webrtc features).
@igrigorik igrigorik mentioned this pull request Aug 16, 2016
Closed
@igrigorik
add 'notifications' feature
55aa0e4 
Controls access to the Notification interface and defaults to enabled
for top-level browsing contexts. Nested contexts are default off; parent
browsing context must explicitly enable the feature.

Closes #3.
@igrigorik
move feature dfn's into title
9e59702 
This way links jump to the top of the section.
@igrigorik
add 'payment' feature
23c8364 
Controls access to PaymentRequest interface and defaults to enabled for
top-level browsing contexts. Nested contexts are default off; parent
browsing context must explicitly enable the feature.

See #18.
@igrigorik igrigorik mentioned this pull request Aug 16, 2016
Closed
@igrigorik
add 'push' feature
0ba445c 
Controls access to PushManager interface and defaults to enabled for
top-level browsing contexts. Nested contexts are default off; parent
browsing context must explicitly enable the feature.
@igrigorik
add 'midi' feature
a1ae5dd 
Controls access to requestMIDIAccess method and defaults to enabled for
top-level browsing context. Nested contexts are default off; parent
browsing context must explicitly enable the feature.
@igrigorik
add 'vibrate' feature
0e2e742 
Controls access to vibrate method and defaults to enabled for top-level
browsing contexts. Nested contexts are default off; parent browsing
context must explicitly enable the feature.
@igrigorik
add 'sync-xhr' and 'sync-script' features
6720f7c 
Both are enabled by default for top-level and nested browsing contexts.
Enforcement is done by integrating with existing HTML/XHR algorithms.
@stefhak
Copy link

stefhak commented Aug 17, 2016

This mostly looks good to me. I don't remember us discussing controlling the access to webrtc in iframes, but I guess it can't hurt to have that (default is enabled).

Not related to usermedia and webrtc: at first glance I did not see how a chain of embeddings would work. I mean, if the top-level allows feature X for https://foo.com and https://bar.com, an iframe controlled by bar.com could enable or disable feature X for iframes from https://bar.com, but never enable it for other domains?

@igrigorik
Copy link
Member Author

@stefhak I haven't committed the enforcement algorithms yet (soon, stay tuned). You can see the sketch and the related discussion here: #28

@foolip
Copy link
Member

foolip commented Aug 19, 2016

Looks good to me, but I'l leave to to @alvestrand to say if the token "webrtc" is appropriate for hiding the RTCPeerConnection interface.

@igrigorik igrigorik merged commit d2127b9 into gh-pages Aug 26, 2016
@igrigorik
Copy link
Member Author

Merged. However, note that this does not (yet) reflect the latest discussions around migrating to the whitelist-only model... we'll tackle that once we have consensus on it via separate CLs.

@annevk annevk mentioned this pull request Nov 14, 2018
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@igrigorik @clelland @stefhak @foolip