- From: Ian Clelland <notifications@github.com>
- Date: Fri, 06 Nov 2020 10:33:47 -0800
- To: whatwg/xhr <xhr@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 6 November 2020 18:33:59 UTC
Following the discussion in https://github.com/w3c/webappsec-permissions-policy/issues/410, it seems that there is interest in replacing the existing integration with Feature Policy with a similar Document Policy integration. The largest difference between the two is that a document policy in one frame does not necessarily affect its embedded content; the parent can switch off synchronous XHR for itself, while allowing its children to make the same decision on their own. Document Policy does define a mode by which child frames can be required to disable sync-xhr, but this requires an explicit opt in by the embedded document, and is not simply imposed by the embedder, as it is with Feature Policy. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/xhr/issues/296
Received on Friday, 6 November 2020 18:33:59 UTC