Liam Brady
Liam Brady
This issue was brought up in https://github.com/WICG/fenced-frame/issues/158. This PR adds official definitions for the `Allow-Fenced-Frame-Automatic-Beacons` and the `Allow-Cross-Origin-Event-Reporting` response headers that are used for cross-origin opt in for their respective...
See the "Permissions Changes" section of [this document](https://docs.google.com/document/d/1RSufNtL0KKTvmS9ZajJqyhkuxFfnyIW2hnLE9Mb9ehw/edit?usp=sharing) for details. Fenced frames with unpartitioned data access need to be able to allow certain permissions policy-backed features (mainly Shared Storage) in...
With the work being done for local unpartitioned data access, there are now cases where a fenced frame will be allowed to inherit permissions from its ancestor. This PR updates...
There are quite a few cases where an opaque ad won't be allowed to load. Developers will have an API to let them know if fenced frame creation will fail...
The 'src' allowlist is a feature unique to iframes and fenced frames that, if set, only allows a given feature for the origin loaded in the src/config attribute. This is...
This PR specs the following behavior: - Setting the "Origin" header to the origin of the frame that invoked `reportEvent()` for destination URL events. - Setting the "Origin" header to...
Essentially the equivalent of this CL: https://chromium-review.googlesource.com/c/chromium/src/+/4774259 Moving focus into a fenced frame should require user activation by default, unless explicitly specified otherwise.
A fenced frame should not be considered to have its network revoked until all its descendants have their network access revoked as well.
This will require a change to the WPT web driver + an RFC opened for it.
https://wicg.github.io/anonymous-iframe/#dom-window-credentialless