Add features for permissions policy and feature policy#2661
Add features for permissions policy and feature policy#2661foolip merged 15 commits intoweb-platform-dx:mainfrom
Conversation
github-actions
Bot
added
the
tools and infrastructure
|
cc: @Elchi3 you might have opinions about this one, since I expect it to impact BCD as well. |
| spec: https://w3c.github.io/webappsec-permissions-policy/ | ||
| caniuse: permissions-policy | ||
| compat_features: | ||
| - http.headers.Permissions-Policy |
There was a problem hiding this comment.
I guess none of https://w3c.github.io/webappsec-permissions-policy/#idl-index has shipped...
There was a problem hiding this comment.
Yeah. I asked about this at the time and it seems like at some point somebody thought about it but nothing else came of it.
|
I've sent mdn/browser-compat-data#26708 to start unwinding the compat data, to unblock this PR. |
github-actions
Bot
added
the
feature definition
ddbeck
force-pushed
the
permissions-policy
branch
from
7d084ef to
6e50bcf
Compare
|
@foolip I think this kinda works now. Can I get a re-review? |
| @@ -0,0 +1,7 @@ | |||
| name: Permissions policy | |||
| description: The `Permissions-Policy` response header sets whether a policy-controlled feature, such as an API, may be used in a document. | |||
There was a problem hiding this comment.
The allow attribute is the other entrypoint to this feature and should be mentioned in the description, I think.
| description: The `Permissions-Policy` response header sets whether a policy-controlled feature, such as an API, may be used in a document. | ||
| spec: https://w3c.github.io/webappsec-permissions-policy/ | ||
| caniuse: permissions-policy | ||
| compat_features: |
There was a problem hiding this comment.
I would also suggest moving the allow attribute into here, yanking it from the iframe feature.
|
Ping @ddbeck on my review comments. |
|
@foolip I've addressed all the comments. This is ready for re-review. |
|
|
||
| status: | ||
| baseline: false | ||
| support: {} |
There was a problem hiding this comment.
We'll need compute_from to get a sensible version here. I'll do that.
Add status section to feature-policy.yml with compute_from sources.
Added support for specific browser versions in feature-policy.
2 participants
This PR adds a feature for permissions policy and a discouraged feature for feature policy.
This is a big mess, so these are draft features.Unfortunately, BCD doesn't accurately record the data for these features and it it's a bit of work to unwind this. I propose that we add these as drafts for now and, at the time we merge this, file an issue on BCD that requestsFeature-PolicyandPermissions-Policybe separated into separate keys and see where things go from there.[This work has been more or less completed. See discussion below.]
The full backstory:
Feature-Policyheader was once added to browsers.Feature-Policywas "renamed" toPermissions-Policy. "Renamed" because yes it was renamed, but it also got a breaking syntax change at the same time (see also Control browser features with Permissions Policy | Privacy & Security | Chrome for Developers).Feature-Policywas an alternative name forPermissions-Policy, ignoring the syntax change. I'm not quite sure why this happened, given the failure of such an approach earlier.Given this story, we cannot accurately calculate either feature's implementation status in a way that accords with caniuse or, in my opinion, confusing developers (because let me tell you, I was confused about this and I knew most of the backstory already).