From b9b3318a1dabad78dcecec0d6f41493e3dfb3302 Mon Sep 17 00:00:00 2001
From: Andreas Farre <farre@mozilla.com>
Date: Thu, 10 Aug 2023 10:12:42 +0200
Subject: [PATCH] Positive: Opaque Response Blocking (ORB)

We closed this without a dashboard entry, but it seems like we'd
benefit from one.

Closes #860.
---
 activities.json | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/activities.json b/activities.json
index afd178f0..4eb6ab55 100644
--- a/activities.json
+++ b/activities.json
@@ -463,6 +463,18 @@
     "title": "Cross-Origin Read Blocking (CORB)",
     "url": "https://chromium.googlesource.com/chromium/src/+/master/services/network/cross_origin_read_blocking_explainer.md"
   },
+  {
+    "ciuName": null,
+    "description": "Safelist certain opaque responses based on MIME type and block everything else.",
+    "id": "orb",
+    "mozBugUrl": "https://bugzilla.mozilla.org/show_bug.cgi?id=1532642",
+    "mozPosition": "positive",
+    "mozPositionDetail": "Our preferred approach to handle opaque responses when defending against Spectre attacks.",
+    "mozPositionIssue": 860,
+    "org": "Proposal",
+    "title": "Opaque Response Blocking (ORB)",
+    "url": "https://github.com/annevk/orb"
+  },
   {
     "ciuName": null,
     "description": "Add support for Curve25519 algorithms in the Web Cryptography API, namely the signature algorithm Ed25519 and the key agreement algorithm X25519.",