w3c / webappsec-permissions-policy

A mechanism to selectively enable and disable browser features and APIs
https://w3c.github.io/webappsec-permissions-policy/

Send reports for Permissions Policy violations in iframe to parent frame's endpoint #546

Closed shhnjk closed 1 month ago

shhnjk commented 6 months ago

This change implements permission policy reporting for potential Permissions Policy violations to parent frames.

Currently, Permissions Policy violations inside an iframe are not sent to the parent frame, because of security concerns. However, this makes it difficult for websites to roll out Permissions Policy because the site owner does not have insight into permission breakage in iframes.

The change is implemented in a way that does not leak any new information to the parent frame, while sending signals that iframes might be affected by the Permissions Policy.

Fixes: https://github.com/w3c/webappsec-permissions-policy/issues/537



shhnjk commented 6 months ago

Friendly ping @clelland :)

shhnjk commented 3 months ago

@clelland, I've introduced "Generate report for potential violation of permissions policy on settings". PTAL!

shhnjk commented 3 months ago

@clelland, PTAL when you have time!

clelland commented 2 months ago

This is looking really good, @shhnjk - other than one nit, I think it's probably good to merge.

shhnjk commented 1 month ago

@clelland feel free to merge this :)

clelland commented 1 month ago

Thanks, @shhnjk! This looks good now.