W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2013

[whatwg] AllowSeamless feedback

From: Nasko Oskov <nasko@chromium.org>
Date: Mon, 14 Jan 2013 15:39:11 -0800
Message-ID: <CAA=myAsiyv_=oHCJnMeXu05Fp+bXmkSgU3wV+TPV6RMwjuGeMw@mail.gmail.com>
To: whatwg@whatwg.org
Hi whatwg,
I recently became aware of the proposal to add AllowSeamless attribute that
will permit cross-origin seamless iframes (
http://wiki.whatwg.org/wiki/AllowSeamless). We are currently working on a
new security policy in Chrome, which will separate each site into its own
renderer process. More information can be found at
http://www.chromium.org/developers/design-documents/site-isolation.

One of the requirements of this model is that cross-origin iframes will be
rendered in a separate process from the main document. Since seamless
iframes are currently allowed only if they are same-origin, this works
fine. If we move to a mode where seamless iframes are allowed for
cross-origin pages, it makes our isolation model very difficult to
implement correctly. An example would be input events, which according to
our reading of the spec for seamless should cross the iframe boundary. This
means that we have to maintain synchronous model for event capture/bubble
phases across multiple processes, which is prone to either deadlocks or
environment inconsistency.

Based on the existing security concerns listed in the proposal and the fact
that it might prevent a useful new security architecture in browsers, I
would suggest this not be added to the web platform.

Thank you,
Nasko Oskov
Received on Monday, 14 January 2013 23:39:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:12 GMT