w3c webappsec-permissions-policy issues

w3c / webappsec-permissions-policy

A mechanism to selectively enable and disable browser features and APIs

https://w3c.github.io/webappsec-permissions-policy/

Other

399 stars 155 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Default Powerful Feature Permission

#555 ecki opened 3 months ago
0
> 07881334 2 002065 031525 054161 F-3525824 PANYA YAOWALA ( AIA ) 0107537002761 0872220535 3410200102061 *01401125350 341020009143 3410200102096 41001470 165467 T-078813339 T078813342

#554 Userpanya closed 3 months ago
0
Add all-screens-capture permissions policy

#553 shangl closed 4 months ago
0
PP header inheritance for local schemes

#552 AlbertoFDR opened 5 months ago
2
Update features.md (e.g., 'storage-access' is missing)

#551 JannisBush closed 2 months ago
1
Example 3 is misleading/Delegating Trust to Nested Contexts

#550 JannisBush opened 5 months ago
0
Add digital-credential-get experimental permission to features.md

#549 pkotwicz closed 4 months ago
3
Add two "JS playground" examples.

#548 jan-ivar closed 4 months ago
1
JS playgrounds leak permissions. Guidelines and examples needed

#547 jan-ivar closed 4 months ago
10
Send reports for Permissions Policy violations in iframe to parent frame's endpoint

#546 shhnjk closed 1 month ago
6
Include feature status of some directives

#545 0xedward closed 5 months ago
2
Permissions Policy "deferred-fetch"

#544 mingyc closed 2 months ago
0
[clipboard] document.execCommand('copy') and presumably paste bypass permissions policy

#543 williewillus closed 2 months ago
1
Query: Can trusted subframe allocate permission to one of it's cross-domain subframe

#542 aromalanil closed 2 months ago
2
Add `documentUrl` to Permissions Policy report

#541 shhnjk closed 9 months ago
1
> 07881334 2 002065 031525 054161 F-3525824 PANYA YAOWALA ( AIA ) 0107537002761 0872220535 3410200102061 *01401125350 341020009143 3410200102096 41001470 165467 T-078813339 T078813342

#538 Usermsn closed 9 months ago
1
Send reports for Permissions Policy violations in iframe to parent frame's endpoint

#537 shhnjk closed 1 month ago
19
Permissions Policy report missing a document URL

#536 shhnjk closed 9 months ago
2
methiyaowala

#535 Usermsn closed 10 months ago
2
Update features.md for `window-management` nee `window-placement`

#534 michaelwasserman closed 11 months ago
3
A request's "window" is never a Window

#533 jyasskin opened 1 year ago
1
Set declared policy for powerful features to self by default

#532 shhnjk opened 1 year ago
9
Add "mediasession" to the list of permission policies

#531 youennf closed 2 months ago
1
Update self-link in IANA considerations

#530 clelland closed 1 year ago
0
Add reporting and report-only mode.

#529 clelland closed 1 year ago
1
In features.md: Rename FLEDGE to Protected Audience

#528 qingxinwu closed 1 year ago
0
Inconsistency in text and parsing algorithm (invalid member value)

#527 JannisBush opened 1 year ago
0
Structured Field Values for HTTP are now RFC8941

#526 JannisBush closed 1 year ago
2
Update [=opaque origin=] refs

#524 arichiv closed 1 year ago
0
Use exported DFNs from CSP

#523 arichiv closed 1 year ago
0
Clarify self and src origin naming

#522 arichiv closed 1 year ago
2
Editorial: "If origin is opaque" needs to use a cross reference

#521 annevk closed 1 year ago
0
"If the allowlist contains an origin representing self" is unclear

#520 annevk closed 1 year ago
2
Does url match expression in origin with redirect count? takes a URL, not an origin

#519 annevk closed 1 year ago
7
Fix "Define an inherited policy for feature in container at origin" algo

#517 shuranhuang closed 1 year ago
3
Wildcards in Permissions Policy Origins

#516 arichiv closed 1 year ago
2
add none as an allowed default

#515 fergald opened 1 year ago
0
Fix typo double-apostrophe

#514 fergald closed 1 year ago
1
allow disabled-by-default features

#513 fergald opened 1 year ago
5
Potential bug in access delegation to cross-origin iframe for feature that has default allowlist value "self"?

#512 shuranhuang closed 1 year ago
2
Link to more rigorous definitions

#511 domfarolino closed 1 year ago
5
Clarify the expected usage of "Should request be allowed to use feature?"

#510 xyaoinum opened 1 year ago
0
Update publickey-credentials-get shipped status

#509 bdewater closed 1 year ago
3
Add browser support to display-capture

#508 beaufortfrancois closed 1 year ago
2
document.featurePolicy vs document.permissionsPolicy

#507 evilpie closed 1 year ago
2
support <meta http-equiv> mechanism to set the policy

#506 justadreamer closed 1 year ago
2
Update for new navigable concepts.

#505 clelland closed 1 year ago
1
can anyone help me?

#504 pollokyoungteam closed 1 year ago
0
can anyone help me

#503 pollokyoungteam closed 1 year ago
0
Clarify "Shipped in Chrome" for picture-in-picture in features.md

#502 XSpielinbox closed 2 months ago
2