Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Iframe credentialless (WIP) #7695

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Iframe credentialless (WIP) #7695

wants to merge 9 commits into from

Commits on Mar 10, 2022

  1. Anonymous iframe 

    Explainer:
https://github.com/camillelamy/explainers/blob/main/anonymous_iframes.md

Chrome status:
https://chromestatus.com/feature/5729461725036544

Summary:
- Define the anonymous flag for iframe and Window.
- Inheritance is defined similarly to sandbox. However it do not propage
  toward popups.
- Popup opened from anonymous Window use 'noopener'.
- Navigation in anonymous iframe are allowed, even if the embedder has
  COEP:require-corp|credentialless and the response do not.
- Define the `page anonymous nonce`, it is used for anonymous Window as
  an additional keys in:
  - network-partition-keys,
  - storage-partition-keys,
  - cookie-partition-keys
  This ensures the document is loaded within a new and ephemeral
  context. This prevents a cross-origin-isolated parent from stealing
  important data from its child, via a Spectre Attack.
- Password autofill must be disabled inside anonymous Window.

XXX: implement the corresponding parts on top of:
- Fetch => network-partition-keys
- StoragePartitioning => storage-partition-keys
- CookieHavingIndependantState => cookie-partition-key
- Worker.
    @ArthurSonzogni
    ArthurSonzogni committed Mar 10, 2022
    Configuration menu
    Copy the full SHA
    c64d811 View commit details
    Browse the repository at this point in the history

  2. Fix error about "attribute".

    @ArthurSonzogni
    ArthurSonzogni committed Mar 10, 2022
    Configuration menu
    Copy the full SHA
    4653e0e View commit details
    Browse the repository at this point in the history

Commits on Mar 17, 2022

  1. Add iframe-dom-anonymous

    @ArthurSonzogni
    ArthurSonzogni committed Mar 17, 2022
    Configuration menu
    Copy the full SHA
    2ff9317 View commit details
    Browse the repository at this point in the history

  2. Remove useless line.

    @ArthurSonzogni
    ArthurSonzogni committed Mar 17, 2022
    Configuration menu
    Copy the full SHA
    5467e4f View commit details
    Browse the repository at this point in the history

  3. Remove double-space

    @ArthurSonzogni
    ArthurSonzogni committed Mar 17, 2022
    Configuration menu
    Copy the full SHA
    ffa2623 View commit details
    Browse the repository at this point in the history

  4. Revert "Remove useless line." 

    This reverts commit 5467e4f.
    @ArthurSonzogni
    ArthurSonzogni committed Mar 17, 2022
    Configuration menu
    Copy the full SHA
    bfe4abc View commit details
    Browse the repository at this point in the history

Commits on Mar 21, 2022

  1. Add environment's partition nonce.

    @ArthurSonzogni
    ArthurSonzogni committed Mar 21, 2022
    Configuration menu
    Copy the full SHA
    a074a21 View commit details
    Browse the repository at this point in the history

  2. Minor nits.

    @ArthurSonzogni
    ArthurSonzogni committed Mar 21, 2022
    Configuration menu
    Copy the full SHA
    04f0b2a View commit details
    Browse the repository at this point in the history

Commits on Nov 24, 2022

  1. Rename it into credentialless iframe.

    @ArthurSonzogni
    ArthurSonzogni committed Nov 24, 2022
    Configuration menu
    Copy the full SHA
    af2cfac View commit details
    Browse the repository at this point in the history