amp-iframe: allow attribute #11953
Conversation
/cc @cramforce since you expressed some thoughts on #11541
Uhh. Kind of scary. Is there a top-level constraint on these? I.e. can the top-level embedder constrain which of these are truly allowed?
I hope so! At least that's how If that turns out to be the case (which is likely), which ones do we want viewer to enable? Canonical AMP sites like https://www.accordersaguitare.com/ want It is sort of strange to let origin specify whatever it wants but then restrict them in the viewer.
@dvoytenko confirmed, child frames can't give away policies their parent hasn't given them. So viewer can restrict available policies of all descendant frames.
Still, AMP could be given more allowance than would be expected for embeds within AMP. Did we try to run it by security?
So far our policy has been to allow pages to grant all permissions to child frames. I don't really see how that could not be the right thing to do, but could be convinced otherwise.
On Mon, Nov 13, 2017 at 7:29 PM, Dima Voytenko <***@***.***> wrote:
> Still, AMP could be given more allowance than would be expected for embeds within AMP. Did we try to run it by security?
Chatted offline a bit with Dima yesterday. Suggestion: Note that these are not actual permissions, just whether the API is available or not. User still needs to grant permission when API is used.
what's the status of this PR? it will unblock #12282
ready to merge, needs approval :)
b/70231806
* Revision bump for #11953
* Refactor validateTagAgainstSpec
* Further refactor validateTagAgainstSpec by extracting methods for additional validation steps which can add errors.
* Refactor. Extract a function from validateTagAgainstSpec named updateStateFromTagSpec.
* Refactor, merge UpdateStateFromTagSpec and UpdateGlobalSpecs.
* Revision bump for #12095
* Refactor. Move updateContextFromTagSpec into Context class.
* Refactor. Move code from Context::UpdateFromMatchingTagSpec into smaller methods and in some cases even closer to the relevant context objects (ExtensionsContext and TagStack)
* Revision bump for #12285
* Revision bump for #12452
* Refactor. Pull the 'update' part of validate-then-update further up the call stack.
* Revision bump for #12457
* Revision bump for #12462
* Refactor. Clean up recording of matching reference points. Push the logic for it into the tagspec methods.
* Revision bump for #12461
* Refactor. Use ValidationResult::PASS to indicate a tagspec is passing, rather than unknown, which is harder to reason about.
* Revision bump for #12196
* Make amp4ads boilerplate mandatory.
* Refactor. Split up the MatchChildTag method into a const validation method and a state mutation method. Push those into the relevant parts of the code.
* Revision bump for #12471
* Fix comments.
* Build in native support for vendor-prefixes in CSS rules.
* Revision bump for #12515
* Add new layout FLUID to validator.
* Refactor. Check for reference point collisions without involving the tag stack.
* Add missing test file.
The validator changes in here are now live.
aside from payment, geolocation, microphone and vr,
@nightpool Yes! Would you mind filing a separate issue and we can track inclusion across major viewers.
@cramforce will do
done: #18430
Closes #11937, closes #11541, closes #12282
The syntax for `allow` recently changed and is fairly complicated (w3c/webappsec-permissions-policy#78). I suggest propagating it as is without validating the value.
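The inheritance rule confirmed in the conversation (a child frame cannot obtain a feature its parent was not granted, so the viewer can restrict everything below it) and the `allow` syntax the description links to, as an added model in JavaScript that is not code from this PR or from amp-iframe. It assumes a simplified version of the spec: every feature's default allowlist is 'self', Feature-Policy headers are ignored, and a frame's document origin equals the origin of its src; the parser accepts both the bare-feature form (`payment`) and the explicit-allowlist form (`geolocation 'src' https://maps.example`).

```javascript
// Added example, not code from this PR or from amp-iframe. Models how an
// iframe's `allow` attribute combines with the parent's policy. Assumptions:
// every feature's default allowlist is 'self', Feature-Policy headers are
// ignored, and a frame's document origin equals the origin of its src.

// Parse "geolocation 'src' https://maps.example; microphone 'none'; camera"
// into a Map of feature -> allowlist tokens. A bare feature name means 'src'.
function parseAllow(value) {
  const policy = new Map();
  for (const entry of value.split(';')) {
    const [feature, ...allowlist] = entry.trim().split(/\s+/).filter(Boolean);
    if (!feature) continue;
    policy.set(feature, allowlist.length ? allowlist : ["'src'"]);
  }
  return policy;
}

// Does `allowlist` admit a frame at `origin`, embedded by `parentOrigin`?
// 'src' and the document origin coincide under the assumption above.
function allowlistMatches(allowlist, origin, parentOrigin) {
  if (allowlist.includes("'none'")) return false;
  if (allowlist.includes('*')) return true;
  if (allowlist.includes("'self'") && origin === parentOrigin) return true;
  if (allowlist.includes("'src'")) return true;
  return allowlist.includes(origin);
}

// Walk the frame chain from the top-level document (which has every feature
// in `features`) down to the innermost frame. At each step a feature survives
// only if the parent already has it AND the container's `allow` (or the
// default 'self' allowlist) admits the child's origin. Returns a sorted list.
function effectiveFeatures(topOrigin, chain, features) {
  let parentOrigin = topOrigin;
  let allowed = new Set(features);
  for (const frame of chain) {
    const container = parseAllow(frame.allow || '');
    const next = new Set();
    for (const feature of allowed) {
      const list = container.get(feature) || ["'self'"];
      if (allowlistMatches(list, frame.origin, parentOrigin)) next.add(feature);
    }
    allowed = next;               // a feature the child asks for but the parent
    parentOrigin = frame.origin;  // lacks was never in `allowed`, so it stays off
  }
  return [...allowed].sort();
}
```

With a constructed chain viewer -> AMP page (`allow="geolocation; microphone 'none'"`) -> embed (`allow="geolocation; camera; microphone"`), only geolocation reaches the embed: camera was never granted to the AMP frame, and microphone was explicitly denied there.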