FYI: This feature is now planned for shipping in M128. On Thursday, May 30, 2024 at 11:59:01 AM UTC-7 Chris Harrelson wrote:
> LGTM3 > > On Wed, May 29, 2024 at 4:30 PM Alex Russell <sligh...@chromium.org> > wrote: > >> Thanks, Matt. This is helpful. >> >> LGTM2. >> >> On Wednesday, May 29, 2024 at 1:05:39 PM UTC-7 Matt Reynolds wrote: >> > The list of protected interface classes is defined in the spec and >>> currently includes Audio, Human Interface Device (HID), Mass Storage, Smart >>> Card, Video, Audio/Video, and Wireless Controller: >>> >>> https://wicg.github.io/webusb/#has-a-protected-interface-class >>> >>> The blocklisted device list is maintained in a separate file in the spec >>> repository and currently only includes USB security key devices: >>> >>> https://github.com/WICG/webusb/blob/main/blocklist.txt >>> >>> On Wed, May 29, 2024 at 7:43 AM Vladimir Levin <vmp...@chromium.org> >>> wrote: >>> >> On Wed, May 29, 2024 at 9:49 AM Mike Taylor <mike...@chromium.org> wrote: >>>> >>>>> LGTM1 to ship this for IWAs only. >>>>> On 5/22/24 2:11 PM, Reilly Grant wrote: >>>>> >>>>> LGTM as an IWA OWNER (3x LGTM from Blink API OWNERS are still required >>>>> according to the IWA-specific API launch process >>>>> <https://www.chromium.org/blink/launching-features/isolated-web-apps/>). >>>>> >>>>> >>>>> This is a good example of IWA-specific behavior minimally extending an >>>>> existing API and I think this approach strikes a good balance between >>>>> capability and security. >>>>> Reilly Grant | Software Engineer | rei...@chromium.org | Google Chrome >>>>> <https://www.google.com/chrome> >>>>> >>>>> >>>>> On Wed, May 22, 2024 at 10:08 AM 'Ajay Rahatekar' via blink-dev < >>>>> blin...@chromium.org> wrote: >>>>> >>>>>> Contact emails >>>>>> >>>>>> mattre...@chromium.org >>>>>> >>>>>> Specification >>>>>> >>>>>> https://wicg.github.io/webusb/#permissions-policy >>>>>> >>>>>> Summary >>>>>> >>>>>> Enables trusted applications to bypass security restrictions in the >>>>>> WebUSB API. >>>>>> >>>>>> The WebUSB specification defines a blocklist of vulnerable devices >>>>>> and a table of protected interfaces classes that are blocked from access >>>>>> through WebUSB. With this feature, Isolated Web Apps ( >>>>>> https://github.com/WICG/isolated-web-apps) with permission to access >>>>>> the "usb-unrestricted" Permission Policy feature will be allowed to >>>>>> access >>>>>> blocklisted devices and protected interface classes. >>>>>> >>>>> Can you comment on what types of "blocklisted devices and protected >>>> interface classes" are there that this would enable access to? I'm just >>>> looking over IWA-specific API launch process >>>> <https://www.chromium.org/blink/launching-features/isolated-web-apps/>, >>>> and there's the "unsafe at any speed" bucket. I presume this doesn't fall >>>> into that category, but I'm still interested to see what this would enable >>>> >>>> Thanks! >>>> Vlad >>>> >>>> >>> >>>>>> >>>>>> Blink component >>>>>> >>>>>> Blink>USB >>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EUSB> >>>>>> >>>>>> Search tags >>>>>> >>>>>> usb <https://chromestatus.com/features#tags:usb>, webusb >>>>>> <https://chromestatus.com/features#tags:webusb>, unrestricted >>>>>> <https://chromestatus.com/features#tags:unrestricted> >>>>>> >>>>>> TAG review >>>>>> >>>>>> None >>>>>> >>>>>> TAG review status >>>>>> >>>>>> Not applicable >>>>>> >>>>>> Risks >>>>>> >>>>>> Interoperability and Compatibility >>>>>> >>>>>> WebUSB is only implemented in Chromium-based browsers. >>>>>> >>>>>> >>>>>> Gecko: No signal >>>>>> >>>>>> WebKit: No signal >>>>>> >>>>>> Web developers: No signals >>>>>> >>>>>> Other signals: >>>>>> >>>>>> WebView application risks >>>>>> >>>>>> Does this intent deprecate or change behavior of existing APIs, such >>>>>> that it has potentially high risk for Android WebView-based applications? >>>>>> >>>>>> None >>>>>> >>>>>> >>>>>> Debuggability >>>>>> >>>>>> None >>>>>> >>>>>> >>>>>> Will this feature be supported on all six Blink platforms (Windows, >>>>>> Mac, Linux, ChromeOS, Android, and Android WebView)? >>>>>> >>>>>> No >>>>>> >>>>>> This feature is not available on Android because Isolated Web Apps >>>>>> are not supported in Chrome for Android. >>>>>> >>>>>> >>>>>> Is this feature fully tested by web-platform-tests >>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>>>> ? >>>>>> >>>>>> No, this feature is only available in Isolated Web Apps which are not >>>>>> yet supported for web platform tests. >>>>>> >>>>>> Flag name on chrome://flags >>>>>> >>>>>> chrome://flags/#enable-unrestricted-usb >>>>>> >>>>>> Finch feature name >>>>>> >>>>>> UnrestrictedUsb >>>>>> >>>>>> Requires code in //chrome? >>>>>> >>>>>> False >>>>>> >>>>>> Tracking bug >>>>>> >>>>>> https://crbug.com/40783010 >>>>>> >>>>>> Launch bug >>>>>> >>>>>> https://launch.corp.google.com/launch/4281834 >>>>>> >>>>>> Estimated milestones >>>>>> >>>>>> Shipping on desktop >>>>>> >>>>>> 127 >>>>>> >>>>>> Anticipated spec changes >>>>>> >>>>>> Open questions about a feature may be a source of future web compat >>>>>> or interop issues. Please list open issues (e.g. links to known github >>>>>> issues in the project for the feature specification) whose resolution >>>>>> may >>>>>> introduce web compat/interop risk (e.g., changing to naming or structure >>>>>> of >>>>>> the API in a non-backward-compatible way). >>>>>> >>>>>> None >>>>>> >>>>>> Link to entry on the Chrome Platform Status >>>>>> >>>>>> >>>>>> https://chromestatus.com/feature/5106506475503616?gate=6251287998103552 >>>>>> >>>>>> Links to previous Intent discussions >>>>>> >>>>>> Intent to prototype: >>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAgOvR6ggk64OaEGkfJE%2BOsMh0jKjORBZ_LyN2Pdad%3Dg3w%40mail.gmail.com >>>>>> >>>>>> This intent message was generated by Chrome Platform Status >>>>>> <https://chromestatus.com/>. >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "blink-dev" group. >>>>>> >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>>> an email to blink-dev+...@chromium.org. >>>>> >>>>> >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com >>>>>> >>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHB%2BDAigp8dfbrCYbzs7A9W03%2BpCzZmu58p90tptrTtXh7bRrg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to blink-dev+...@chromium.org. >>>>> >>>>> >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com >>>>> >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMZdMg1AmuwhGH7OXL9%3DpEZEur-%3D3bTa19zRXRtniKR%3DaA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> >>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to blink-dev+...@chromium.org. >>>> >>>> >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org >>>>> >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/757cd331-11b0-44b8-8088-24492aeae8b7%40chromium.org?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >> > You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> > To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+...@chromium.org. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/eb7c711c-7069-4268-b44a-f8bfee6101b7n%40chromium.org >> >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/eb7c711c-7069-4268-b44a-f8bfee6101b7n%40chromium.org?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/5a8c71d6-659e-49ba-89c9-5ae3f7cfc22dn%40chromium.org.
