Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spec disableUntrustedNetwork API surface #146

Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Spec disableUntrustedNetwork API surface #146

Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
c9cbe3f
disableUntrustedNetwork skeleton
Apr 3, 2024
39d31fb
fill out more
Apr 9, 2024
7eaf2b1
more
Apr 9, 2024
c4705a6
address comments
Apr 11, 2024
215b3ef
Merge branch 'master' into disable-untrusted-network
gtanzer May 4, 2024
55b26c3
Update spec.bs
gtanzer May 4, 2024
f57621f
Update issue number for waiting
gtanzer Jul 8, 2024
6d5dcf8
Merge branch 'master' into disable-untrusted-network
blu25 Sep 12, 2024
6b61a85
remove "can disable untrusted network"
blu25 Sep 12, 2024
a04f1a2
convert origin check into assert
blu25 Sep 12, 2024
7701d57
change credentialless issue link
blu25 Sep 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 59 additions & 3 deletions spec.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1204,7 +1204,7 @@ A <dfn export>fenced frame config</dfn> is a [=struct=] with the following [=str

: <dfn>embedder shared storage context</dfn>
:: null, or a [=string=]

: <dfn>is ad component</dfn>
:: A [=boolean=], initially false.

Expand Down Expand Up @@ -1260,8 +1260,11 @@ A <dfn export>fenced frame config instance</dfn> is a [=struct=] with the follow

: <dfn>embedder shared storage context</dfn>
:: null, or a [=string=]

: <dfn>is ad component</dfn>
:: A [=boolean=]

: <dfn>has disabled untrusted network</dfn>
:: A [=boolean=], initially false.

: <dfn>cross-origin reporting allowed</dfn>
Expand Down Expand Up @@ -1347,10 +1350,13 @@ A <dfn export>fenced frame config instance</dfn> is a [=struct=] with the follow

: [=fenced frame config instance/embedder shared storage context=]
:: |config|'s [=fenced frame config/embedder shared storage context=]

: [=fenced frame config instance/is ad component=]
:: |config|'s [=fenced frame config/is ad component=]

: [=fenced frame config instance/has disabled untrusted network=]
:: false

: [=fenced frame config instance/cross-origin reporting allowed=]
:: |config|'s [=fenced frame config/cross-origin reporting allowed=]
</div>
Expand Down Expand Up @@ -1633,6 +1639,7 @@ Several APIs specific to fenced frames are defined on the {{Fence}} interface.
undefined reportEvent(optional ReportEventType event = {});
undefined setReportEventDataForAutomaticBeacons(optional FenceEvent event = {});
sequence&lt;FencedFrameConfig&gt; getNestedConfigs();
Promise&lt;undefined&gt; disableUntrustedNetwork();
};
</pre>

Expand Down Expand Up @@ -1819,6 +1826,55 @@ Several APIs specific to fenced frames are defined on the {{Fence}} interface.
</wpt>
</div>

<div algorithm>
The <dfn method for=Fence>disableUntrustedNetwork()</dfn> method steps are:

1. Let |p| be [=a new promise=].

1. Let |instance| be [=this=]'s [=relevant global object=]'s [=Window/browsing context=]'s
[=browsing context/fenced frame config instance=].

1. If |instance| is null, then [=resolve=] |p| with {{undefined}} and return |p|.

1. [=Assert=]: the [=relevant settings object=]'s [=environment settings object/origin=] and
|instance|'s [=fenced frame config instance/mapped url=]'s [=url/origin=] are [=same origin=].

Note: Only contexts that are [=same origin=] to the [=fenced frame config instance/mapped url=]
described in the [=fenced frame config instance=] are allowed to call this API.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm happy the assert is "sensible" and passes, but I still don't quite understand it. Is it even possible for same-origin but different-from-the-original-navigation Documents to make it here? Or would the config be reset for those navigations?


1. If [=this=]'s [=relevant global object=]'s [=Window/navigable=]'s [=navigable/traversable
navigable=] is not a [=fenced navigable container/fenced navigable=], then [=resolve=] |p| with
{{undefined}} and return |p|.

1. Let |global| be [=this=]'s [=relevant global object=].

1. Run the following steps [=in parallel=]:

1. Let |fencedFrameNonce| be |instance|'s [=fenced frame config instance/partition nonce=].

1. Let |credentiallessNonce| be

Issue: the page credentialless nonce
(<a href="https://github.com/WICG/fenced-frame/issues/191">WICG/fenced-frame#191</a>)

1. Revoke the partition nonces |fencedFrameNonce| and |credentiallessNonce|.

Issue: Spec the revocation process.
(<a href="https://github.com/WICG/fenced-frame/issues/151">WICG/fenced-frame#151</a>)

1. Set |instance|'s [=fenced frame config instance/has disabled untrusted network=] to true.

1. Wait on all nested fenced frames to disable network too.

Issue: Spec this waiting more formally.
(<a href="https://github.com/WICG/fenced-frame/issues/168">WICG/fenced-frame#168</a>)

1. [=Queue a global task=] on the [=DOM manipulation task source=] given |global|, to
[=resolve=] |p| with {{undefined}}.

1. Return |p|.
</div>

<h3 id=new-request-destination>New [=request=] [=request/destination=]</h3>

The processing model of a <{fencedframe}>'s navigation request deviates from that of the normal
Expand Down
Loading