-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Origin isolation #244
Comments
FWIW, I think this is something that's (Note that there are some thorny issues still, such as WICG/origin-agent-cluster#8.) |
Some more thoughts:
Overall this still seems like the most principled way to give up on |
Request for Mozilla Position on an Emerging Web Specification
Other information
This proposal is a bit subtle. The normative impacts are relatively small: a site can opt out same-site cross-origin DOM object access via
document.domain
, and same-site cross-originpostMessage()
ing ofSharedArrayBuffer
s. But the intent is that, while doing so, the site can provide hints on why it's giving away these capabilities, the browser can use those hints to guide its process allocation strategies.As for each of those hints: Chrome has partners interested in
prefer_isolated_event_loop
andfor_memory_measurement
. I think we all recognize that side-channel protection is good, so there's alsofor_side_channel_protection
.I also included
prefer_isolated_memory
, since I thought Mozilla might appreciate a standardized version of theirLarge-Allocation
header; thoughts welcome there. I imagine it doesn't line up exactly, but it seems to cover similar use cases...We also have partners that will not be able to deploy COOP + COEP + CORB-across-all-their-dependencies, but are still interested in isolated event loops. So we think this is additive to the idea of automatic origin isolation via COOP + COEP.
Although we're reasonably happy with where the explainer/spec draft has ended up right now, it's hard to say for sure what will survive real-world testing on partner sites (which we hope to do around the end of Q1). As such, any early design feedback would be much appreciated.
The text was updated successfully, but these errors were encountered: