Can't Be Evil Sandbox FAQ
Does this prevent all 3rd party requests?
What's the point of only preventing the use of 3rd party assets and resources?
The current web model maximizes users' digital footprint in ways that are detrimental to user privacy and introduce a number of trusted third parties into developers' apps. We propose taking an iterative approach to addressing these practices and start with the lowest hanging fruit. Preventing the automatic use of 3rd party assets and resources moves a large amount of control and implicit apps away from 3rd parties besides the app developer. It changes the web from a world where visiting a site can result in potentially downloading assets from an unlimited number of 3rd parties before code written by the developer is even executed to a world where you’re only download assets from the app developer.
Are apps that opt-in to the sandbox backward compatible with the web?
Yes. Apps that opt-in to the Can't Be Evil Sandbox are backwards compatible with existing web browsers. You can think of these apps as a subset of the current web.
Will apps that opt-in to the sandbox function in browsers that have not installed the New Internet Extension?
What does the icon mean?
When the extension icon is gray, the sandbox is not active on the current site.
When the extension is purple, the sandbox is active and its rules are being enforced.
Why ban cookies?
How do I protect users of my app by opting in to the Can’t Be Evil Sandbox?
- Make sure all of your scripts, fonts and other assets are delivered from the same origin (domain name) as your app
- Configure your server to send the http header
cant-be-evilwith a value of
I have more questions, where should I ask them?
Open an issue on Github!