On Wed, May 29, 2024 at 9:49 AM Mike Taylor <miketa...@chromium.org> wrote:
> LGTM1 to ship this for IWAs only. > On 5/22/24 2:11 PM, Reilly Grant wrote: > > LGTM as an IWA OWNER (3x LGTM from Blink API OWNERS are still required > according to the IWA-specific API launch process > <https://www.chromium.org/blink/launching-features/isolated-web-apps/>). > > This is a good example of IWA-specific behavior minimally extending an > existing API and I think this approach strikes a good balance between > capability and security. > Reilly Grant | Software Engineer | reil...@chromium.org | Google Chrome > <https://www.google.com/chrome> > > > On Wed, May 22, 2024 at 10:08 AM 'Ajay Rahatekar' via blink-dev < > blink-dev@chromium.org> wrote: > >> Contact emails >> >> mattreyno...@chromium.org >> >> Specification >> >> https://wicg.github.io/webusb/#permissions-policy >> >> Summary >> >> Enables trusted applications to bypass security restrictions in the >> WebUSB API. >> >> The WebUSB specification defines a blocklist of vulnerable devices and a >> table of protected interfaces classes that are blocked from access through >> WebUSB. With this feature, Isolated Web Apps ( >> https://github.com/WICG/isolated-web-apps) with permission to access the >> "usb-unrestricted" Permission Policy feature will be allowed to access >> blocklisted devices and protected interface classes. >> > Can you comment on what types of "blocklisted devices and protected interface classes" are there that this would enable access to? I'm just looking over IWA-specific API launch process <https://www.chromium.org/blink/launching-features/isolated-web-apps/>, and there's the "unsafe at any speed" bucket. I presume this doesn't fall into that category, but I'm still interested to see what this would enable Thanks! Vlad > >> >> Blink component >> >> Blink>USB >> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EUSB> >> >> Search tags >> >> usb <https://chromestatus.com/features#tags:usb>, webusb >> <https://chromestatus.com/features#tags:webusb>, unrestricted >> <https://chromestatus.com/features#tags:unrestricted> >> >> TAG review >> >> None >> >> TAG review status >> >> Not applicable >> >> Risks >> >> Interoperability and Compatibility >> >> WebUSB is only implemented in Chromium-based browsers. >> >> >> Gecko: No signal >> >> WebKit: No signal >> >> Web developers: No signals >> >> Other signals: >> >> WebView application risks >> >> Does this intent deprecate or change behavior of existing APIs, such that >> it has potentially high risk for Android WebView-based applications? >> >> None >> >> >> Debuggability >> >> None >> >> >> Will this feature be supported on all six Blink platforms (Windows, Mac, >> Linux, ChromeOS, Android, and Android WebView)? >> >> No >> >> This feature is not available on Android because Isolated Web Apps are >> not supported in Chrome for Android. >> >> >> Is this feature fully tested by web-platform-tests >> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >> ? >> >> No, this feature is only available in Isolated Web Apps which are not yet >> supported for web platform tests. >> >> Flag name on chrome://flags >> >> chrome://flags/#enable-unrestricted-usb >> >> Finch feature name >> >> UnrestrictedUsb >> >> Requires code in //chrome? >> >> False >> >> Tracking bug >> >> https://crbug.com/40783010 >> >> Launch bug >> >> https://launch.corp.google.com/launch/4281834 >> >> Estimated milestones >> >> Shipping on desktop >> >> 127 >> >> Anticipated spec changes >> >> Open questions about a feature may be a source of future web compat or >> interop issues. Please list open issues (e.g. links to known github issues >> in the project for the feature specification) whose resolution may >> introduce web compat/interop risk (e.g., changing to naming or structure of >> the API in a non-backward-compatible way). >> >> None >> >> Link to entry on the Chrome Platform Status >> >> https://chromestatus.com/feature/5106506475503616?gate=6251287998103552 >> >> Links to previous Intent discussions >> >> Intent to prototype: >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAgOvR6ggk64OaEGkfJE%2BOsMh0jKjORBZ_LyN2Pdad%3Dg3w%40mail.gmail.com >> >> This intent message was generated by Chrome Platform Status >> <https://chromestatus.com/>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+unsubscr...@chromium.org. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADsXd2N3NjDVnDCRH5o-fMur%2BtLshBeVx6KhekGfcHcZ%2B-BAiw%40mail.gmail.com.