w3c / webappsec-credential-management

WebAppSec Credential Management
https://w3c.github.io/webappsec-credential-management/

Permissions Policy vs. sameOriginWithAncestors checks #195

Closed johannhof closed 2 years ago

johannhof commented 2 years ago

Here's something that came up in FedCM, which extends FederatedCredentials. FederatedCredentials rely on sameOriginWithAncestors checks to gate usage in cross-origin iframes, but higher-level abstractions such as FedCM may want to use Permissions Policy to achieve the same effect instead, with the ability for top-level sites to delegate access using e.g. the allow iframe attribute.

As I understand it, it's not a problem for FedCM at the moment, because it overrides [[DiscoverFromExternalSource]] only and doesn't involve the store, create etc. methods. However, it could become a problem in the future. The answer to this could just be that these algorithms should simply be overridden, but I wanted to file an issue for posterity nonetheless.

See FedCM PR #236
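The difference between the two gates described in the comment above, as an added example that is not part of the original thread or of either spec. It is a simplified model: the frame objects, the origins and the feature name are hypothetical, `Permissions-Policy` response headers are ignored, and an `allow` entry is treated as delegating to whatever origin the frame holds.

```javascript
// Simplified model (added example): a frame is { origin, parent, allow }.
// `allow` lists features the embedder delegated via the iframe's allow attribute.
const FEATURE = "example-credential-feature"; // hypothetical feature name

function frame(origin, parent = null, allow = []) {
  return { origin, parent, allow };
}

// True only if every ancestor document shares the frame's origin.
function sameOriginWithAncestors(f) {
  for (let a = f.parent; a !== null; a = a.parent) {
    if (a.origin !== f.origin) return false;
  }
  return true;
}

// Inherited policy for a feature whose default allowlist is 'self'.
function policyAllows(f, feature) {
  if (f.parent === null) return true;                 // top-level document
  if (!policyAllows(f.parent, feature)) return false; // embedder has nothing to delegate
  if (f.allow.includes(feature)) return true;         // explicit delegation via allow
  return f.origin === f.parent.origin;                // default 'self'
}

function compare(f) {
  return {
    ancestors: sameOriginWithAncestors(f),
    policy: policyAllows(f, FEATURE),
  };
}

// Constructed frame trees: a relying party embedding an identity provider.
const rpTop = frame("https://rp.example");
const idp = frame("https://idp.example", rpTop);
const idpDelegated = frame("https://idp.example", rpTop, [FEATURE]);
// The RP's own origin nested under the cross-origin IdP frame, no allow attribute.
const nestedRp = frame("https://rp.example", idpDelegated);

for (const [name, f] of Object.entries({ rpTop, idp, idpDelegated, nestedRp })) {
  console.log(name, compare(f));
}
```

Only `idpDelegated` separates the two checks: the ancestor check rejects it outright, while the policy check accepts it because the top-level site opted in.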

nsatragno commented 2 years ago

It seems to me this (potential) issue is a side effect from monkey patching FederatedCredential and not a problem on the Credential Management spec itself.

Note that permission policy should be checked at the Credential Management level (I'll comment on that PR as well); here's an explanation of why. Feel free to reopen (or ping me to reopen!) if appropriate.

johannhof commented 2 years ago

@nsatragno ah, that makes sense, thanks! I think I hadn't been reading the latest draft document and missed a bunch of work that already happened here. I'll update my FedCM PR and probably file a new PR here, then.