Open Bug 1771352 Opened 3 years ago Updated 3 years ago

Add a way for addons to control permission policies/sandbox of iframe elements

Categories

(Core :: DOM: Core & HTML, enhancement)

Product:
Core
Component:
DOM: Core & HTML
Type:
enhancement

Tracking

()

People

(Reporter: saschanaz, Unassigned)

References

Details

allow and sandbox does not respond to attribute mutation, so there is no stable+efficient way for site intervention to control them:

Use cases are to add a missing allow item for a broken feature (e.g. web-share) and to add sandbox for certain iframes for antitracking purpose.

Bear in mind that any design here should take into consideration that we'd be using our system addon for webcompat to do such site interventions, so having a clean API accessible from a webextension (or webextension experimental API) would be best here from a performance point of view (i.e, not requiring any new window actors and the like).

For instance, having something similar to the picture-in-picture system addon's APIs might be viable here as well (in that the addon is allowed to modify a declarative list of settings which Gecko can use to modify specific iframe settings in specific ways as they are created).

This kind of API could also be very useful for other non-system addons, so having it eventually able to be exposed via a regular webextension API is also worth considering.

Changing allow/sandbox state after some page has been loaded would be... impossible in general, since the page which was loaded already has a state based on the original values.
We might be able to support this for some allow/sandbox states though, basically those which control how some rarely used feature works.

@smaug, can we not allow for changing the value while the original page is loaded? It would presumably be fine to even do it during the parsing stage, if that's relatively easy.

Flags: needinfo?(bugs)

I think it depends on when exactly and which flag.

Flags: needinfo?(bugs)

Should such change really happen after or while loading the frames? Can it happen before loading them? 🤔

See Also: → 1772949
You need to log in before you can comment on or make changes to this bug.