Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opener Protections #43

Open
arichiv opened this issue Oct 9, 2023 · 5 comments
Open

Opener Protections #43

arichiv opened this issue Oct 9, 2023 · 5 comments
Assignees
@arichiv

Comments

@arichiv
Copy link

arichiv commented Oct 9, 2023

I'd like to propose the adoption of Opener Storage Partitioning by the Privacy Community Group.

This work is being investigated by Chrome and was discussed at TPAC 2023.

Summary of Proposal:

Our goal is to maintain cross-page communication where important to web function while striking a better balance with user-privacy.

This will be done in two steps. First, whenever a frame navigates cross-origin any other windows with a window.opener handle pointing to the navigating frame will have that handle cleared. Second, either (a) any frames with a valid window.opener (or window.top.opener) handle at the time of navigation will have transient storage via a StorageKey nonce instead of access to standard first- and third-party StorageKeys or (b) the opener will be severed by default until user interaction or an API call restores it.

The first proposal should be less disruptive than either of the second, but metrics will need to be gathered on both. Once implemented, these proposals together prevent any synchronous or asynchronous communication between a first- and third-party storage bucket for the same origin. Instead, communication between two buckets for the same origin will only be possible if one of the buckets is transient. This mitigates the threats we are concerned with.
@arichiv arichiv added the agenda+ Request to add this issue to the agenda of our next telcon or F2F label Oct 9, 2023
@arichiv arichiv self-assigned this Oct 9, 2023
@martinthomson
Copy link

@arichiv we can put you on the agenda this week, How much time do you expect to need?
@johannhof
Copy link
Member

@martinthomson same as for heuristics, Ari presented on this 2 weeks ago. I think we're interested in what next steps for adoption by the group are. Given that this is a very exploratory proposal (like the nav tracking mitigations originally), what level of support do we need from other implementers?
@martinthomson
Copy link

We can ask people to indicate here whether their implementation is interested in the work.
@arichiv
Copy link
Author

arichiv commented Oct 25, 2023
edited
Loading

I don't think we need to take this to the group again since it was two weeks ago, this is blocked on me posting to request positions. I hope to get to it in early November.
@martinthomson martinthomson removed the agenda+ Request to add this issue to the agenda of our next telcon or F2F label Oct 26, 2023
@arichiv
Copy link
Author

arichiv commented Nov 13, 2023

https://groups.google.com/a/chromium.org/g/blink-dev/c/RiNkhQGvmkc I2P sent out and WebKit/Mozilla/TAG issues opened.
@arichiv arichiv changed the title Opener Storage Partitioning Nov 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
3 participants
@martinthomson @arichiv @johannhof