-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Policy: lazyload #6
Comments
Just to clarify, I believe you missed the single quotes for the |
Thanks you are right. I fixed the missing single quotes for |
Any way to detect whether the browser supports this feature or not? |
Doesn't this feature have a really confusing name? I'm reading https://github.com/w3c/webappsec-feature-policy/blob/master/policies/lazyload.md, where it says:
So, wait, if I apply the Suggestions: |
I think on Chrome 74 with "Experimental Web Platform" flag off, |el.lazyload| would return |
I agree the name is confusing; it is supposed to suggest the full control over the
So, this feature is about the full right to use the For the specific example, if a website would define
then any embedded content from |
Closed by accident :). |
Yes, I understand that, but that's because I've read it six times :-) I really hope we can rename. |
There is a PR which would rework and rename the proposed |
|
Both the loading-frame-default-eager.md and loading-image-default-eager.md documents seem to be missing some sentencing in the "What does this mean" section:
I think before the sentence: "This however could become a cumbersome process [...]" it should be explained that (e.g) "Developers may use the Is that correct? If so, I can PR unless you want to do it. |
Thanks for pointing this out. Yes. I believe this is would look better. Please send a PR and also have @clelland take a look. |
Yes, as stated in https://github.com/w3c/webappsec-feature-policy/issues/193#issuecomment-484109871 the |
As @Malvoz mentioned, this policy has been split in two, so can this be closed? Also, I'm curious as to the reasoning for splitting this into image- and frame-policies in the first place. Is having one policy to control all |
Should this be revisited, in light of the Permissions-Policy → Document-Policy/Structured Headers changes? |
Proposing a new feature policy for lazy-loading which will overwrite the default or specified behavior of
lazyload
attribute for<iframe>
and<img>
. The proposed name for the feature islazyload
.The
lazyload
attribute (for an<iframe>
or<img>
) takes on three values ofauto
(decision of lazy-loading is deferred to the user agent),on
(the contents will be loaded lazily),off
(the contents will not be loaded lazily).The proposed
lazyload
feature is a parameterized feature which takes one of the three values of:auto
: the default behavior oflazyload
attribute is not altered (user agent decides) .off
: the default behavior oflazyload
is set tooff
.For example, if the site
www.example.com
sets its header policy toFeature Policy: lazyload 'self'(off)
, thenwill still load the contents lazily due to the defined attributes, but
will not load the contents lazily since the feature is set to
off
by default.force
: ignores the value oflazyload
attribute and enforces it toon
for all<iframe>
and<img>
.For example, if a site sets its header policy to
Feature Policy: lazyload *(force)
then all<iframe>
's and<img>
's from all domains will be loaded lazily. For example inthe provided attributed is ignored and the contents will be loaded lazily due to policy enforcement. Also, since the
lazyload
attribute setting is in violation of thelazyload
feature, such a usage may trigger a violation error.The feature can also be set through container policies, for instance:
which will enforce lazy loading for all domains. This would include
https://www.example.com
.The text was updated successfully, but these errors were encountered: