Re: [blink-dev] Intent to Ship: Allow Cross-Origin Subframes to Send Automatic Beacons

[Daniel Bratell]

LGTM3

/Daniel

On 2024-01-24 11:45, Yoav Weiss (@Shopify) wrote:

LGTM2

On Tuesday, January 23, 2024 at 11:17:35 AM UTC+1 Mike Taylor wrote:

    Thanks Liam. This seems fine to me given that both parties need to
    opt in.

    LGTM1

    On 1/22/24 6:10 PM, Liam Brady wrote:

    Hi Mike,

    "crossOrigin=true" is just a typo. "crossOrigin" was the original
    naming convention for "crossOriginExposed". It was renamed during
    code review, but I forgot to update the I2S wording to match that.

    We chose to not go with Permissions-Policy for a few reasons.
    First is that for fenced frames created through something like
    Protected Audience, they have a fixed list of permissions that
    must be enabled for the frame to load, so refactoring that to
    support one permissions policy that can be either enabled or
    enabled would be a lot of effort. Doing that would also allow 1
    bit of information to leak from the embedder to the fenced frame,
    which is the whole reason we locked down permissions policies in
    the first place. We also didn't want the embedder to have any
    control over how this header is set (such as having an embedder
    opt in on the frame's behalf), and since permissions policies are
    based on inheritance, that was something we needed to avoid.
    On Friday, January 19, 2024 at 3:43:44 PM UTC-5
    mike...@chromium.org wrote:

        Hi Liam,

        On 1/16/24 3:49 PM, 'Liam Brady' via blink-dev wrote:

        Contact emails

        lbr...@google.com, shiva...@chromium.org, jka...@chromium.org


        Explainer(s)

        https://github.com/WICG/turtledove/pull/904
        <https://github.com/WICG/turtledove/pull/904>


        Spec(s)

        https://github.com/WICG/fenced-frame/pull/133
        <https://github.com/WICG/fenced-frame/pull/133>


        Summary

        As part of the Privacy Sandbox experiment, we introduced a
        way for beacons to be sent automatically if a top-level
        navigation is initiated from within an ad frame
        
<https://github.com/WICG/turtledove/blob/main/Fenced_Frames_Ads_Reporting.md#registeradbeacon-1>.
        At the time, we restricted this feature to frames and
        subframes that were same-origin to the root ad frame.
        However, there is a use case that this is not able to
        handle. With third-party ad serving (3PAS), the actual
        contents of the ad (including links/click handlers) are
        loaded in a cross-origin subframe. Because it is
        cross-origin, the frame does not get access to the automatic
        beacon API, and therefore is not able to report a top-level
        navigation when a user clicks on the ad.


        A cross-origin subframe can now opt in to sending automatic
        beacons by setting a new response header:
        "Allow-Fenced-Frame-Automatic-Beacons". The cross-origin
        frame still cannot set automatic beacon data; instead, the
        main ad frame will set the automatic beacon data, but opt in
        to having the data be used for cross-origin automatic
        beacons using a new "crossOrigin=true" parameter. When these
        2 criteria are met, the cross-origin subframe will send an
        automatic beacon when a top-level navigation happens.

        Is "crossOrigin=true" different than the "crossOriginExposed"
        boolean defined in the spec? Or just a typo?

        Another question: is there any reason you chose to create a
        new HTTP header, rather than use something like
        Permissions-Policy? (Maybe that's not supported for fenced
        frames?)

        This feature will also fix a separate issue
        
<https://github.com/WICG/turtledove/pull/808#issuecomment-1721411495>brought
        up externally and allow for ad components to opt into
        sending automatic beacons without needing to invoke
        setReportEventDataForAutomaticBeacons(); they instead will
        just need to supply the
        "Allow-Fenced-Frame-Automatic-Beacons" response header. This
        will not remove the existing way for ad components to opt
        into sending beacons.


        Blink component

        Blink>FencedFrames
        
<https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EFencedFrames>


        TAG reviews and status

        Fenced frames existing TAG review appended with these spec
        changes https://github.com/w3ctag/design-reviews/issues/838#
        
<https://github.com/w3ctag/design-reviews/issues/838#issuecomment-1792881253>


        Link to Origin Trial feedback summary

        No Origin Trial performed


        Is this feature supported on all six Blink platforms
        (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

        Supported on all the above platforms except Android WebView.


        Debuggability

        Additional debugging capabilities are not necessary for
        these feature changes.


        Risks


        Compatibility

        This is an added functionality and is backward compatible.


        Interoperability

        There are no interoperability risks as no other browsers
        have decided to implement these features yet.


        Is this feature fully tested by web-platform-tests
        
<https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md>?
        Link to test suite results from wpt.fyi <https://wpt.fyi>.

        Yes. New automatic beacon tests have been added to test
        cross-origin beacons.

        automatic-beacon-cross-origin-false.https.html (test
        
<https://github.com/web-platform-tests/wpt/blob/master/fenced-frame/automatic-beacon-cross-origin-false.https.html>)
        (results
        
<https://wpt.fyi/results/fenced-frame/automatic-beacon-cross-origin-false.https.html>)

        automatic-beacon-cross-origin-navigation.https.html (test
        
<https://github.com/web-platform-tests/wpt/blob/master/fenced-frame/automatic-beacon-cross-origin-navigation.https.html>)
        (results
        
<https://wpt.fyi/results/fenced-frame/automatic-beacon-cross-origin-navigation.https.html>)

        automatic-beacon-cross-origin-no-data.https.html (test
        
<https://github.com/web-platform-tests/wpt/blob/master/fenced-frame/automatic-beacon-cross-origin-no-data.https.html>)
        (results
        
<https://wpt.fyi/results/fenced-frame/automatic-beacon-cross-origin-no-data.https.html>)

        automatic-beacon-cross-origin-no-opt-in.https.html (test
        
<https://github.com/web-platform-tests/wpt/blob/master/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html>)
        (results
        
<https://wpt.fyi/results/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html>)

        automatic-beacon-use-ancestor-data.https.html (test
        
<https://github.com/web-platform-tests/wpt/blob/master/fenced-frame/automatic-beacon-use-ancestor-data.https.html>)
        (results
        
<https://wpt.fyi/results/fenced-frame/automatic-beacon-use-ancestor-data.https.html>)

        WPT directory for Fenced Frames:
        https://github.com/web-platform-tests/wpt/tree/master/fenced-frame
        <https://github.com/web-platform-tests/wpt/tree/master/fenced-frame>


        Anticipated spec changes

        None


        Link to entry on the Chrome Platform Status

        https://chromestatus.com/feature/5179499557945344
        <https://chromestatus.com/feature/5179499557945344>


        Links to previous Intent discussions

        Intent to prototype:
        
https://groups.google.com/a/chromium.org/g/blink-dev/c/Ko9UXQYPgUE/m/URRsB-qvAAAJ
        
<https://groups.google.com/a/chromium.org/g/blink-dev/c/Ko9UXQYPgUE/m/URRsB-qvAAAJ>

        Intent to experiment:
        
https://groups.google.com/a/chromium.org/g/blink-dev/c/y6G3cvKXjlg/m/Lcpmpi_LAgAJ
        
<https://groups.google.com/a/chromium.org/g/blink-dev/c/y6G3cvKXjlg/m/Lcpmpi_LAgAJ>

        Intent to ship:

        
https://groups.google.com/a/chromium.org/g/blink-dev/c/tpw8wW0VenQ/m/mePLTiHlDQAJ
        
<https://groups.google.com/a/chromium.org/g/blink-dev/c/tpw8wW0VenQ/m/mePLTiHlDQAJ>

-- You received this message because you are subscribed to the

        Google Groups "blink-dev" group.
        To unsubscribe from this group and stop receiving emails
        from it, send an email to blink-dev+...@chromium.org.
        To view this discussion on the web visit
        
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/d33531b6-bc29-4951-ab8b-3b58880568den%40chromium.org
        
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/d33531b6-bc29-4951-ab8b-3b58880568den%40chromium.org?utm_medium=email&utm_source=footer>.

--

You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6ca9eb71-fbf6-4e9d-a8b1-524306d0fbaen%40chromium.org <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6ca9eb71-fbf6-4e9d-a8b1-524306d0fbaen%40chromium.org?utm_medium=email&utm_source=footer>.

--
You received this message because you are subscribed to the Google Groups 
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit 
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/5aa07bfd-c36e-47ef-98fd-14a3c8a9dc46%40gmail.com.