Html: Cross-Origin-Opener-Policy: provide a clearer spec.
Currently COOP is being implemented in Firefox and there are plans to add this to all other major browsers.
This feels like we got to the point where a clear specifications with intentions, thread model and mechanics should be put together.
I'm mostly interested in
- avoiding different behaviors in different browsers
- state threat model and intentions clearly so that it is easy to reason about it
Currently there is a tentative spec for the algorithm and a rather long dicussion that contains all the step that this proposal went through.
I read all that to try and understand what the policy should accomplish and I think I got it, but I also think this should be easier for newcomers, users and implementers to tackle and understand.
/cc @arturjanc @domenic @rniwa @annevk @csreis @mystor
empijei
All 3 comments
I agree that it'd be good to add this. I'm personally focusing on
- Iterating on the processing model gist pointed to above
- Tests
so it'd be great if someone were willing to pick this up.
annevk
on 29 Apr 2019
@hemeryar, @ParisMeuleman or myself will pick this up once we're done with Chrome's implementation of COOP.
camillelamy
on 2 Mar 2020
I have a draft PR at https://github.com/whatwg/html/pull/5334 that takes https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e and merges it into the spec.
camillelamy
on 4 Mar 2020
Related issues
bramus
路
4Comments
FANMixco
路
3Comments
lacolaco
路
3Comments
iane87
路
3Comments
adampage
路
4Comments
Most helpful comment
@hemeryar, @ParisMeuleman or myself will pick this up once we're done with Chrome's implementation of COOP.