On Wed, May 29, 2024 at 9:49 AM Mike Taylor <miketa...@chromium.org> wrote:

> LGTM1 to ship this for IWAs only.
> On 5/22/24 2:11 PM, Reilly Grant wrote:
>
> LGTM as an IWA OWNER (3x LGTM from Blink API OWNERS are still required
> according to the IWA-specific API launch process
> <https://www.chromium.org/blink/launching-features/isolated-web-apps/>).
>
> This is a good example of IWA-specific behavior minimally extending an
> existing API and I think this approach strikes a good balance between
> capability and security.
> Reilly Grant | Software Engineer | reil...@chromium.org | Google Chrome
> <https://www.google.com/chrome>
>
>
> On Wed, May 22, 2024 at 10:08 AM 'Ajay Rahatekar' via blink-dev <
> blink-dev@chromium.org> wrote:
>
>> Contact emails
>>
>> mattreyno...@chromium.org
>>
>> Specification
>>
>> https://wicg.github.io/webusb/#permissions-policy
>>
>> Summary
>>
>> Enables trusted applications to bypass security restrictions in the
>> WebUSB API.
>>
>> The WebUSB specification defines a blocklist of vulnerable devices and a
>> table of protected interfaces classes that are blocked from access through
>> WebUSB. With this feature, Isolated Web Apps (
>> https://github.com/WICG/isolated-web-apps) with permission to access the
>> "usb-unrestricted" Permission Policy feature will be allowed to access
>> blocklisted devices and protected interface classes.
>>
> Can you comment on what types of "blocklisted devices and protected
interface classes" are there that this would enable access to? I'm just
looking over IWA-specific API launch process
<https://www.chromium.org/blink/launching-features/isolated-web-apps/>, and
there's the "unsafe at any speed" bucket. I presume this doesn't fall into
that category, but I'm still interested to see what this would enable

Thanks!
Vlad


>
>>
>> Blink component
>>
>> Blink>USB
>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EUSB>
>>
>> Search tags
>>
>> usb <https://chromestatus.com/features#tags:usb>, webusb
>> <https://chromestatus.com/features#tags:webusb>, unrestricted
>> <https://chromestatus.com/features#tags:unrestricted>
>>
>> TAG review
>>
>> None
>>
>> TAG review status
>>
>> Not applicable
>>
>> Risks
>>
>> Interoperability and Compatibility
>>
>> WebUSB is only implemented in Chromium-based browsers.
>>
>>
>> Gecko: No signal
>>
>> WebKit: No signal
>>
>> Web developers: No signals
>>
>> Other signals:
>>
>> WebView application risks
>>
>> Does this intent deprecate or change behavior of existing APIs, such that
>> it has potentially high risk for Android WebView-based applications?
>>
>> None
>>
>>
>> Debuggability
>>
>> None
>>
>>
>> Will this feature be supported on all six Blink platforms (Windows, Mac,
>> Linux, ChromeOS, Android, and Android WebView)?
>>
>> No
>>
>> This feature is not available on Android because Isolated Web Apps are
>> not supported in Chrome for Android.
>>
>>
>> Is this feature fully tested by web-platform-tests
>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>
>> ?
>>
>> No, this feature is only available in Isolated Web Apps which are not yet
>> supported for web platform tests.
>>
>> Flag name on chrome://flags
>>
>> chrome://flags/#enable-unrestricted-usb
>>
>> Finch feature name
>>
>> UnrestrictedUsb
>>
>> Requires code in //chrome?
>>
>> False
>>
>> Tracking bug
>>
>> https://crbug.com/40783010
>>
>> Launch bug
>>
>> https://launch.corp.google.com/launch/4281834
>>
>> Estimated milestones
>>
>> Shipping on desktop
>>
>> 127
>>
>> Anticipated spec changes
>>
>> Open questions about a feature may be a source of future web compat or
>> interop issues. Please list open issues (e.g. links to known github issues
>> in the project for the feature specification) whose resolution may
>> introduce web compat/interop risk (e.g., changing to naming or structure of
>> the API in a non-backward-compatible way).
>>
>> None
>>
>> Link to entry on the Chrome Platform Status
>>
>> https://chromestatus.com/feature/5106506475503616?gate=6251287998103552
>>
>> Links to previous Intent discussions
>>
>> Intent to prototype:
>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAgOvR6ggk64OaEGkfJE%2BOsMh0jKjORBZ_LyN2Pdad%3Dg3w%40mail.gmail.com
>>
>> This intent message was generated by Chrome Platform Status
>> <https://chromestatus.com/>.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "blink-dev" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to blink-dev+unsubscr...@chromium.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com
>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "blink-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to blink-dev+unsubscr...@chromium.org.
> To view this discussion on the web visit
> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com
> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "blink-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to blink-dev+unsubscr...@chromium.org.
> To view this discussion on the web visit
> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org
> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org?utm_medium=email&utm_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit 
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADsXd2N3NjDVnDCRH5o-fMur%2BtLshBeVx6KhekGfcHcZ%2B-BAiw%40mail.gmail.com.

Reply via email to