- From: Nasko Oskov <nasko@chromium.org>
- Date: Mon, 14 Jan 2013 15:39:11 -0800
- To: whatwg@whatwg.org
Hi whatwg, I recently became aware of the proposal to add AllowSeamless attribute that will permit cross-origin seamless iframes ( http://wiki.whatwg.org/wiki/AllowSeamless). We are currently working on a new security policy in Chrome, which will separate each site into its own renderer process. More information can be found at http://www.chromium.org/developers/design-documents/site-isolation. One of the requirements of this model is that cross-origin iframes will be rendered in a separate process from the main document. Since seamless iframes are currently allowed only if they are same-origin, this works fine. If we move to a mode where seamless iframes are allowed for cross-origin pages, it makes our isolation model very difficult to implement correctly. An example would be input events, which according to our reading of the spec for seamless should cross the iframe boundary. This means that we have to maintain synchronous model for event capture/bubble phases across multiple processes, which is prone to either deadlocks or environment inconsistency. Based on the existing security concerns listed in the proposal and the fact that it might prevent a useful new security architecture in browsers, I would suggest this not be added to the web platform. Thank you, Nasko Oskov
Received on Monday, 14 January 2013 23:39:38 UTC