Thanks! On Mon, 18 Oct 2021 at 16:30, Yoav Weiss <yoavwe...@chromium.org> wrote:
> That's great to hear! > LGTM to experiment M96-M99 (inclusive) > > On Mon, Oct 18, 2021 at 7:29 AM Glen Robertson <glen...@chromium.org> > wrote: > >> We now intend to disable cross-origin usage of the DGAPI along with the >> v2.0 OT (I'm working on a CL, still needs to be landed and merged to M96). >> >> On Fri, 15 Oct 2021 at 17:56, Yoav Weiss <yoavwe...@chromium.org> wrote: >> >>> That'd be significantly better from my perspective, thanks! :) >>> >>> On Fri, Oct 15, 2021 at 8:48 AM Glen Robertson <glen...@chromium.org> >>> wrote: >>> >>>> Actually, we could disable cross-origin usage and measure attempted >>>> usage at the same time (in M96 with merge, in time for v2.0 OT start). >>>> Sounds like this would be preferred by Blink Owners? I'll check with >>>> others on the team. >>>> >>>> On Fri, 15 Oct 2021 at 10:02, Glen Robertson <glen...@chromium.org> >>>> wrote: >>>> >>>>> Probably not before the OT starts, but yes before the OT finishes. I >>>>> am adding a metric to see if there's any attempted usage of the API in >>>>> this >>>>> way currently, so we will need to get that out, then wait a milestone to >>>>> see the result. That approach was OK'd by privacy review. >>>>> Also note that this isn't a change from the v1 API. >>>>> >>>>> On Thu, 14 Oct 2021 at 19:40, Yoav Weiss <yoavwe...@chromium.org> >>>>> wrote: >>>>> >>>>>> Is it possible to disallow delegation for the OT as well? >>>>>> >>>>>> On Tue, Oct 12, 2021 at 6:46 AM Glen Robertson <glen...@chromium.org> >>>>>> wrote: >>>>>> >>>>>>> Yes, we are planning to disallow delegation before shipping. This >>>>>>> was discussed in the privacy review on the launch bug >>>>>>> <https://bugs.chromium.org/p/chromium/issues/detail?id=1250123>. >>>>>>> >>>>>>> On Tue, 12 Oct 2021 at 14:13, 'Matt Menke' via blink-dev < >>>>>>> blink-dev@chromium.org> wrote: >>>>>>> >>>>>>>> All intent emails - including experiment, are reviewed for >>>>>>>> potential privacy and security issues. If this is keyed on frame >>>>>>>> origin, >>>>>>>> delegating to cross-origin iframes is a cross-site tracking vector. If >>>>>>>> cross-origin iframes have access to it, but keyed on top frame origin >>>>>>>> rather than iframe origin, it's not a privacy issue (though haven't >>>>>>>> thought >>>>>>>> about security considerations). Disallowing delegation, or otherwise >>>>>>>> addressing the cross-site tracking issue would be needed to launch, so >>>>>>>> it's >>>>>>>> good to be aware of it now, rather than only learning that this is an >>>>>>>> issue >>>>>>>> when trying to ship. >>>>>>>> >>>>>>>> On Mon, Oct 11, 2021 at 11:03 PM Glen Robertson < >>>>>>>> glen...@chromium.org> wrote: >>>>>>>> >>>>>>>>> In Chrome, the feature is controlled by the "payment" feature >>>>>>>>> policy, and is therefore unavailable except in top-level context or >>>>>>>>> when >>>>>>>>> explicitly delegated to subframes (we are planning to disallow >>>>>>>>> delegation >>>>>>>>> <https://bugs.chromium.org/p/chromium/issues/detail?id=1257010> too). >>>>>>>>> Digital products managed by the API are specific to an origin. >>>>>>>>> IIUC we don't usually specify how user agents should do security >>>>>>>>> controls but I've added these as suggestions in the explainer >>>>>>>>> <https://github.com/WICG/digital-goods/blob/main/explainer.md#security-and-privacy-considerations> >>>>>>>>> . >>>>>>>>> >>>>>>>>> On Sat, 9 Oct 2021 at 02:40, Matt Menke <mme...@google.com> wrote: >>>>>>>>> >>>>>>>>>> Skimming over the explainer, I can't determine whether this leaks >>>>>>>>>> data cross-site or not. Are these digital products that the API >>>>>>>>>> manages >>>>>>>>>> exposed across sites, restricted to same-origin frame, restricted to >>>>>>>>>> same-origin 1P contexts, or what? >>>>>>>>>> >>>>>>>>>> On Friday, October 8, 2021 at 3:37:18 AM UTC-4 Glen Robertson >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Contact emails >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *mgi...@chromium.org, gle...@chromium.org, rou...@chromium.org* >>>>>>>>>>> Explainer >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://github.com/WICG/digital-goods/blob/master/explainer.md >>>>>>>>>>> <https://github.com/WICG/digital-goods/blob/master/explainer.md>* >>>>>>>>>>> Specification >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *None yet. Have a spec mentor and aiming to do this by M96 >>>>>>>>>>> stable.*Design docs >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://github.com/WICG/digital-goods/blob/master/explainer.md >>>>>>>>>>> <https://github.com/WICG/digital-goods/blob/master/explainer.md>https://docs.google.com/document/d/1Jbt2Mzt-xg1cWVlFScBQsoX_pE8Kg1gYpulxUSV8FM0/edit >>>>>>>>>>> <https://docs.google.com/document/d/1Jbt2Mzt-xg1cWVlFScBQsoX_pE8Kg1gYpulxUSV8FM0/edit>go/dgapi2 >>>>>>>>>>> <https://goto.google.com/dgapi2> (internal)*Summary >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *An API for querying and managing digital products to facilitate >>>>>>>>>>> in-app purchases from web applications, in conjunction with the >>>>>>>>>>> Payment >>>>>>>>>>> Request API (which is used to make the actual purchases). The API >>>>>>>>>>> would be >>>>>>>>>>> linked to a digital distribution service connected to via the user >>>>>>>>>>> agent. >>>>>>>>>>> In Chrome, this is specifically a web API wrapper around the >>>>>>>>>>> Android Play >>>>>>>>>>> Billing API.*Blink component >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *Blink>Payments >>>>>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments>*Search >>>>>>>>>>> tags >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *payments <https://chromestatus.com/features#tags:payments>, >>>>>>>>>>> billing <https://chromestatus.com/features#tags:billing>*TAG >>>>>>>>>>> review >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://github.com/w3ctag/design-reviews/issues/571 >>>>>>>>>>> <https://github.com/w3ctag/design-reviews/issues/571>TAG recommends >>>>>>>>>>> making >>>>>>>>>>> a Chrome-specific API. Other issues addressed.*TAG review status >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *Issues addressed*Risks >>>>>>>>>>> >>>>>>>>>>> Interoperability and Compatibility >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *Similar to Payment Request: this API is used to talk to >>>>>>>>>>> specific store backends, and so its usage is tailored to the >>>>>>>>>>> specific >>>>>>>>>>> store. The reason it's a proposed web standard is so that the same >>>>>>>>>>> code >>>>>>>>>>> (which is specific to one store) is portable across browsers.Gecko: >>>>>>>>>>> No >>>>>>>>>>> signal (https://github.com/mozilla/standards-positions/issues/349 >>>>>>>>>>> <https://github.com/mozilla/standards-positions/issues/349>)WebKit: >>>>>>>>>>> No >>>>>>>>>>> signal >>>>>>>>>>> (https://lists.webkit.org/pipermail/webkit-dev/2021-October/032001.html >>>>>>>>>>> <https://lists.webkit.org/pipermail/webkit-dev/2021-October/032001.html>) >>>>>>>>>>> Microsoft: >>>>>>>>>>> Initial discussions, no public signal yet (has been >>>>>>>>>>> requested).Samsung: >>>>>>>>>>> Initial discussions, no public signal yet (has been requested).Web >>>>>>>>>>> developers: Positive >>>>>>>>>>> (https://discourse.wicg.io/t/proposal-web-payments-digital-product-management-api/4350 >>>>>>>>>>> <https://discourse.wicg.io/t/proposal-web-payments-digital-product-management-api/4350>)44/61 >>>>>>>>>>> responses of "extremely likely" to continue to use the feature from >>>>>>>>>>> v1.0 >>>>>>>>>>> OT36/61 responses of slightly-to-extremely easy to use the feature >>>>>>>>>>> (and 12 >>>>>>>>>>> neutral) from v1.0 OT*Ergonomics >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *Used in tandem with the Payment Request API.*Goals for >>>>>>>>>>> experimentation >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *- General API design. Determine whether developers need to >>>>>>>>>>> access more data that would be exposed through the Play Billing API >>>>>>>>>>> but is >>>>>>>>>>> not exposed through our web API.- Specifically, we have >>>>>>>>>>> significantly >>>>>>>>>>> reduced the API surface for v2.0, and would like to know if it is >>>>>>>>>>> still >>>>>>>>>>> acceptable for developers.- We would also like to know whether the >>>>>>>>>>> API is >>>>>>>>>>> suitable for abstracting over other non-Play stores. While running >>>>>>>>>>> an >>>>>>>>>>> experiment with the current implementation won't tell us this, it >>>>>>>>>>> will set >>>>>>>>>>> up real-world clients and we can then try their sites on other >>>>>>>>>>> implementations.*Reason this experiment is being extended >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *An origin trial ran from M88 to M95 and found some areas of >>>>>>>>>>> developer friction and new features needed (see bugs labeled >>>>>>>>>>> https://bugs.chromium.org/p/chromium/issues/list?q=label%3ADGAPI >>>>>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=label%3ADGAPI>). >>>>>>>>>>> We >>>>>>>>>>> also found potential fraud issues in the v1.0 API.The v2.0 API fixes >>>>>>>>>>> several of the developer issues raised, and fixes the known fraud >>>>>>>>>>> issues. >>>>>>>>>>> However, this is a significant change to the API surface. We would >>>>>>>>>>> like to >>>>>>>>>>> know if the updated API is still acceptable for developers.*Ongoing >>>>>>>>>>> technical constraints >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *None*Debuggability >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *We have had several requests from developers to make the API >>>>>>>>>>> easier to debug, but it is difficult due to the interaction with a >>>>>>>>>>> backing >>>>>>>>>>> service based in an app/store context. We are looking for >>>>>>>>>>> suggestions >>>>>>>>>>> <https://github.com/WICG/digital-goods/issues/33> on how we might >>>>>>>>>>> improve >>>>>>>>>>> the debuggability of the API.*Will this feature be supported on >>>>>>>>>>> all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, >>>>>>>>>>> and >>>>>>>>>>> Android WebView)? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *NoNo, Android and Chrome OS only (the two platforms where we >>>>>>>>>>> have Play Store integration).*Is this feature fully tested by >>>>>>>>>>> web-platform-tests >>>>>>>>>>> <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md> >>>>>>>>>>> ? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *No. The JS<->mojo interface (Blink code) is tested >>>>>>>>>>> <https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/wpt_internal/digital-goods/> >>>>>>>>>>> but the backing app/store context is unavailable in WPT.*Flag >>>>>>>>>>> name >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *DigitalGoods*Requires code in //chrome? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *False*Tracking bug >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://crbug.com/1248319 <https://crbug.com/1248319>*Launch >>>>>>>>>>> bug >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://crbug.com/1250123 <https://crbug.com/1250123>*Estimated >>>>>>>>>>> milestones >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *OriginTrial desktop last99OriginTrial desktop >>>>>>>>>>> first96OriginTrial android last99OriginTrial android first96*Link >>>>>>>>>>> to entry on the Chrome Platform Status >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *https://chromestatus.com/feature/5339955595313152 >>>>>>>>>>> <https://chromestatus.com/feature/5339955595313152>*Links to >>>>>>>>>>> previous Intent discussions >>>>>>>>>>> >>>>>>>>>>> Intent to prototype: >>>>>>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/vkS3k30lWNs >>>>>>>>>>> >>>>>>>>>>> Intent to Experiment (DGAPI v1.0): >>>>>>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/syI9_M9dANY/m/3lt-QGMHAgAJ >>>>>>>>>>> >>>>>>>>>>> Intent to Continue Experimenting (DGAPI v1.0): >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/uoTx_cRuL5o >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> This intent message was generated by Chrome Platform Status >>>>>>>>>>> <https://www.chromestatus.com/>. >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "blink-dev" group. >>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to blink-dev+unsubscr...@chromium.org. >>>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEK7mvpq1krCWQfTc_hi1mRSW9rwznRScDWa4dyUQPGPYt2jtQ%40mail.gmail.com >>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEK7mvpq1krCWQfTc_hi1mRSW9rwznRScDWa4dyUQPGPYt2jtQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "blink-dev" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to blink-dev+unsubscr...@chromium.org. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPV%2BSg_%3D%3DywYCB%2B6ZsaXAndHpX9c_c_mBtU47KBEmX6Qm1J6vA%40mail.gmail.com >>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPV%2BSg_%3D%3DywYCB%2B6ZsaXAndHpX9c_c_mBtU47KBEmX6Qm1J6vA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfUmYkZGF%2BYcnArrcvgTAkpYmWD2ztRcDtp9HvUW__jvWg%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfUmYkZGF%2BYcnArrcvgTAkpYmWD2ztRcDtp9HvUW__jvWg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPV%2BSg8OefGNGQ2LY7GAPE_m_scJBeWLCGTtFteEEta%2BB%2B%3D9KA%40mail.gmail.com.
