Contact emails fer...@chromium.com, bfcache-dev
Explainer https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md Specification https://github.com/whatwg/html/pull/7915 Summary This feature allows pages to disable the running of unload event handlers. The goal is to : - allow sites that have removed all unload handlers to ensure they do not accidentally add new ones - allow sites to remove unload handlers when updating the code would is infeasible Unload event handlers are problematic for various reasons and prevent use of BFCache on Desktop (see https://web.dev/bfcache/#never-use-the-unload-event). Blink component Blink>PermissionsAPI <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPermissionsAPI> Motivation Help sites migrate off unload event handlers and thereby improve BFCache hit-rate: - by ensuring that once removed, handlers do not creep back in - by providing a means to disable handlers in 3rd party iframes and script that is hard to change Initial public proposal https://github.com/w3c/webappsec-permissions-policy/issues/444 TAG review https://github.com/w3ctag/design-reviews/issues/738 TAG review status Pending Risks Interoperability and Compatibility 3rd-party frames that rely on unload may not work as expected when navigating away. This is solvable by the frame authors by use of alternatives to unload and is unlikely to impact users. See detailed discussion. https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md#concerns-about-giving-embedders-control-over-the-nonexecution-of-iframe-code Gecko: Negative ( https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1047829132) FF objects to this (similar to sync-xhr and document-domain) because it’s providing a way to cause cross-origin interference with script. Explainer addresses this. WebKit: No signal Web developers: Positive Private discussions with devs are positive. Sites that have made efforts to remove all unload handlers want to use this to prevent accidental returns. Also some providers of 3rd-party iframes which have content outside of their control (e.g. ad network) want to guarantee themselves to be unload-free. Other signals: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? Debuggability N/A Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ? No Flag name Requires code in //chrome? False Tracking bug https://crbug.com/1324111 Estimated milestones No milestones specified Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5760325231050752 This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAozHLkvhEtVOkvW4iXCbMf5a84ypGjD4arZtpS%3D0Okx6BPDdQ%40mail.gmail.com.
