MSEdgeExplainers icon indicating copy to clipboard operation
MSEdgeExplainers copied to clipboard
verified publisher icon MicrosoftEdge

[PerformanceControlOfEmbeddedContent] Why would a embedded content want to opt-in this?

Open sefeng211 opened this issue 6 months ago • 3 comments

Thanks for the talk today at WebPerf!

I have a concern about whether this would really work in the way it's expected. One thing I don't understand what makes a document want to opt-in for this, because opt-in actually gives more restriction to it, I don't expect anyone would prefer that?

This also feels like potentially adding "disadvantages" to browsers who implement this because this could potentially slows something down (due to a violation).

sefeng211 avatar Jun 19 '25 16:06 sefeng211

Thank you for your comment.

The use case where we think this would be most valuable is for top-level documents requiring the policy on embedded frames. For example, apps which embed other apps as iframes would want to limit their impact on the overall experience, and would thus require this policy on its embedded frames. Some scenarios we're thinking of are listed in our BlinkOn deck (slide 7), informed by the some of the apps we've worked with at Microsoft. Document Policy explainer also provides a great example for policies being requested on embedded content.

In Document Policy, when a policy is required by the parent document, the embedded document has to opt into it for it to be loaded (section in the explainer). So the incentive would be for the embedded document to adhere to the policy requirement so it continues to load.

lflores-ms avatar Jun 19 '25 16:06 lflores-ms

Yeah, I think it's reasonable if both the embedder and the embedding are controlled by a single party. I doubt it'd be useful for third party embeddings. From what I've heard, it's hard for first-party to ask third-party to roll out new features, and first-party often needs to make compromises because of that.

sefeng211 avatar Jun 19 '25 19:06 sefeng211

Thanks for your input. This is something we are aware of. Our current thinking is that there would need to be some level of coordination between the two parties to enable generic policy application, but there are other scenarios where the embedder has some level of leverage over the embedding, like meta apps. At the moment, our intention is to expose the first category as something for sites to try out.

lflores-ms avatar Jun 19 '25 20:06 lflores-ms