Re: [w3ctag/design-reviews] COOP same-origin-allow-popups-plus-coep (#649)

> I'm trying to understand the actual scope of the problem and the actual user need you are trying to address.

In addition to what @camillelamy wrote above, I wanted to chime in with some more high-level background.

In the long term, it seems important for the web to move towards better default isolation between websites; see https://speakerdeck.com/mikewest/isolation-by-default (IIRC @mikewest also has a document with some more technical details; I'm not sure if it's public though?). COOP and COEP achieve this by introducing restrictions on cross-origin interactions between the document and the resources it loads and other windows it opens (roughly, by requiring authenticated cross-origin resources or windows to opt into these interactions). 

Today, these restrictions are enforced on an opt-in basis: documents don't _have_ to opt into COOP+COEP -- the only situation where we require this is when a document wants access to SharedArrayBuffers or other features that could potentially allow the information about cross-origin resources to leak to their embedder. Applications which need such features can now get access to them, safely. But, as Camille says, the main problem is that the current restrictions are onerous for developers and difficult to adopt in non-trivial applications (such as those using OAuth); this proposal makes it easier for developers to enable COOP+COEP without reducing the security guarantees provided by cross-origin isolation.

If we want to evolve the security model to provide these restrictions by default, the web compatibility story of cross-origin isolation is important; it will be difficult to move towards default isolation unless we make it possible for most sites to function under that model. IMO one of the main benefits of COOP `same-origin-allow-popups-plus-coep` is that it allows us to move towards isolation by default, improving the security of the ecosystem in the long term (i.e. that's a tangible user benefit in its own right, in addition to allowing developers to build applications that use APIs such as SharedArrayBuffer).

-- 
https://github.com/w3ctag/design-reviews/issues/649#issuecomment-874055061

Received on Monday, 5 July 2021 11:57:56 UTC