Re: [blink-dev] Intent to Ship: Origin Isolation By Default / Deprecate document.domain on stable

2023-05-26 Thread 'Eiji Kitamura' via blink-dev 
@Maud Nalpas  is taking over the DevRel work.

On Sat, May 27, 2023 at 12:21 AM Rick Byers  wrote:

> Thanks for the update Daniel. Still LGTM. Good luck!
>
> On Fri, May 26, 2023 at 10:25 AM Daniel Vogelheim 
> wrote:
>
>> Hello all, it's been a while... The bug reports should now be resolved,
>> and we'd like to have another go at this in the M115 milestone. That is:
>> Remain at 50% on beta; starting with 115 ramp up on stable to 1% / 10% /
>> 50% / 100%, every 14d. Let's hope it sticks this time.
>>
>> Daniel
>>
>> On Fri, Mar 31, 2023 at 3:54 PM Daniel Vogelheim 
>> wrote:
>>
>>> Hello all, I'm afraid I have to delay this a bit more. :(
>>>
>>> We have a bug report (tracked in crbug.com/1429587) that breaks
>>> existing apps. The important thing here is that it does not break
>>> document.domain setting and subsequent cross-origin access, but that
>>> instead -- if the conditions are just right; or arguably just wrong -- the
>>> app can get into a state where same-origin accesses are mistakenly blocked.
>>> Apparently an app can get into a state where frames within the same page
>>> are inconsistently assigned to agent clusters (i.e., frames in the same
>>> origin end up in different processes), and thus subsequent accesses within
>>> that origin may fail.
>>>
>>> My plan right now is to leave this on at 50% beta, but to not proceed to
>>> any stable releases at any percentage. I'll update this thread when I have
>>> a better handle on the bug and can suggest a good way to proceed.
>>>
>>> On Fri, Jan 20, 2023 at 5:12 PM Eiji Kitamura 
>>> wrote:
>>>
 FYI, the enterprise bit has been added to the article.
 https://developer.chrome.com/blog/immutable-document-domain/

 On Tue, Jan 17, 2023 at 1:21 AM Brandon Heenan 
 wrote:

> We'll make the update in the enterprise release notes too. Thanks for
> keeping us in the loop
>
> On Mon, Jan 16, 2023 at 9:46 AM Rick Byers 
> wrote:
>
>> Thanks so much Eiji!
>>
>> On Mon, Jan 16, 2023 at 3:06 AM Eiji Kitamura 
>> wrote:
>>
>>> I've updated the blog post
>>>  stating
>>> Chrome 111 is where we ship the feature, but looks like it's rolling out
>>> through 111 and 112?
>>> I'll update the blog post to mention
>>> `OriginAgentClusterDefaultEnabled` enterprise policy.
>>>
>>>
>>> On Sat, Jan 14, 2023 at 1:37 AM Rick Byers 
>>> wrote:
>>>
 Thanks for the update Daniel, good luck!

 In case others, like me, have missed or forgotten the long history
 of this difficult deprecation and what it means for web developers, 
 this blog
 post is a good summary
 .
 One critical thing it doesn't mention, but probably should, is that 
 the OriginAgentClusterDefaultEnabled
 enterprise policy
 
 can also be used to revert the default on managed devices (though it 
 looks
 like the launching milestone needs to be updated there too).

 Rick

 On Fri, Jan 13, 2023 at 9:53 AM 'Daniel Vogelheim' via blink-dev <
 blink-dev@chromium.org> wrote:

> Hello all,
>
> We've now handled the bugs we've discovered, and I would like to
> make another attempt at launching. I'll follow the plan that was 
> approved
> here, but two milestones later: Launch to 50% beta in M111 (or late 
> M110,
> if I can still catch a bit of that release cycle), and then ramp on 
> stable
> once M112 is out.
>
>
> On Wed, Dec 14, 2022 at 6:36 PM Daniel Vogelheim <
> vogelh...@google.com> wrote:
>
>> Hello all,
>>
>> An update: Unfortunately we have discovered a bug with this
>> feature, just as I was getting ready to enable it. The bug also 
>> affects
>> pages that have not even set document.domain. Since I have now 
>> missed a
>> substantial portion of the 109 beta cycle I'd like to delay the roll 
>> out
>> once more, and shift it by one milestone (or two; depending on when
>> everything is fixed).
>>
>> On the positive side: Recently the last of the previously
>> identified big document.domain users, that together accounted for 
>> about 50%
>> of remaining usage, has dropped their usage. So current usage is 
>> lower than
>> previously reported. See the usage dip around late November at
>> deprecate.it (1st graph).
>>
>> On Thu, Nov 10, 2022 at 5:42 PM Mike Taylor <
>> miketa...@chromium.org> wrote:
>>
>>> LGTM3
>>>
>>> On

Re: [blink-dev] Intent to Ship: Origin Isolation By Default / Deprecate document.domain on stable

2023-04-13 Thread 'Eiji Kitamura' via blink-dev 
I've updated the blog
 so that it's
clear that this change is not happening in Chrome 112.
Has the new milestone been determined yet?

On Mon, Apr 3, 2023 at 11:27 PM Marijke Hoste  wrote:

> Thanks for the update indeed!
>
> On the Enterprise-side, we've mentioned this in the past 7 versions of the
> Enterprise Release Notes, so Admins are aware this is coming and have had
> sufficient notification. We don't think that it's necessary to update them
> of the (potential) delays.
>
> On Fri, Mar 31, 2023 at 10:17 AM Mike Taylor 
> wrote:
>
>> Thanks for the update Daniel, and good luck on fixing the bug. :)
>> On 3/31/23 9:54 AM, Daniel Vogelheim wrote:
>>
>> Hello all, I'm afraid I have to delay this a bit more. :(
>>
>> We have a bug report (tracked in crbug.com/1429587) that breaks existing
>> apps. The important thing here is that it does not break document.domain
>> setting and subsequent cross-origin access, but that instead -- if the
>> conditions are just right; or arguably just wrong -- the app can get into a
>> state where same-origin accesses are mistakenly blocked. Apparently an app
>> can get into a state where frames within the same page are inconsistently
>> assigned to agent clusters (i.e., frames in the same origin end up in
>> different processes), and thus subsequent accesses within that origin may
>> fail.
>>
>> My plan right now is to leave this on at 50% beta, but to not proceed to
>> any stable releases at any percentage. I'll update this thread when I have
>> a better handle on the bug and can suggest a good way to proceed.
>>
>> On Fri, Jan 20, 2023 at 5:12 PM Eiji Kitamura  wrote:
>>
>>> FYI, the enterprise bit has been added to the article.
>>> https://developer.chrome.com/blog/immutable-document-domain/
>>>
>>> On Tue, Jan 17, 2023 at 1:21 AM Brandon Heenan 
>>> wrote:
>>>
 We'll make the update in the enterprise release notes too. Thanks for
 keeping us in the loop

 On Mon, Jan 16, 2023 at 9:46 AM Rick Byers  wrote:

> Thanks so much Eiji!
>
> On Mon, Jan 16, 2023 at 3:06 AM Eiji Kitamura 
> wrote:
>
>> I've updated the blog post
>>  stating
>> Chrome 111 is where we ship the feature, but looks like it's rolling out
>> through 111 and 112?
>> I'll update the blog post to mention
>> `OriginAgentClusterDefaultEnabled` enterprise policy.
>>
>>
>> On Sat, Jan 14, 2023 at 1:37 AM Rick Byers 
>> wrote:
>>
>>> Thanks for the update Daniel, good luck!
>>>
>>> In case others, like me, have missed or forgotten the long history
>>> of this difficult deprecation and what it means for web developers, 
>>> this blog
>>> post is a good summary
>>> . One
>>> critical thing it doesn't mention, but probably should, is that the 
>>> OriginAgentClusterDefaultEnabled
>>> enterprise policy
>>> 
>>> can also be used to revert the default on managed devices (though it 
>>> looks
>>> like the launching milestone needs to be updated there too).
>>>
>>> Rick
>>>
>>> On Fri, Jan 13, 2023 at 9:53 AM 'Daniel Vogelheim' via blink-dev <
>>> blink-dev@chromium.org> wrote:
>>>
 Hello all,

 We've now handled the bugs we've discovered, and I would like to
 make another attempt at launching. I'll follow the plan that was 
 approved
 here, but two milestones later: Launch to 50% beta in M111 (or late 
 M110,
 if I can still catch a bit of that release cycle), and then ramp on 
 stable
 once M112 is out.


 On Wed, Dec 14, 2022 at 6:36 PM Daniel Vogelheim <
 vogelh...@google.com> wrote:

> Hello all,
>
> An update: Unfortunately we have discovered a bug with this
> feature, just as I was getting ready to enable it. The bug also 
> affects
> pages that have not even set document.domain. Since I have now missed 
> a
> substantial portion of the 109 beta cycle I'd like to delay the roll 
> out
> once more, and shift it by one milestone (or two; depending on when
> everything is fixed).
>
> On the positive side: Recently the last of the previously
> identified big document.domain users, that together accounted for 
> about 50%
> of remaining usage, has dropped their usage. So current usage is 
> lower than
> previously reported. See the usage dip around late November at
> deprecate.it (1st graph).
>
> On Thu, Nov 10, 2022 at 5:42 PM Mike Taylor <
> miketa...@chromium.org> wrote:
>
>> LGTM3

Re: [blink-dev] Intent to Ship: Origin Isolation By Default / Deprecate document.domain on stable

2023-01-20 Thread 'Eiji Kitamura' via blink-dev 
FYI, the enterprise bit has been added to the article.
https://developer.chrome.com/blog/immutable-document-domain/

On Tue, Jan 17, 2023 at 1:21 AM Brandon Heenan  wrote:

> We'll make the update in the enterprise release notes too. Thanks for
> keeping us in the loop
>
> On Mon, Jan 16, 2023 at 9:46 AM Rick Byers  wrote:
>
>> Thanks so much Eiji!
>>
>> On Mon, Jan 16, 2023 at 3:06 AM Eiji Kitamura  wrote:
>>
>>> I've updated the blog post
>>>  stating
>>> Chrome 111 is where we ship the feature, but looks like it's rolling out
>>> through 111 and 112?
>>> I'll update the blog post to mention `OriginAgentClusterDefaultEnabled`
>>> enterprise policy.
>>>
>>>
>>> On Sat, Jan 14, 2023 at 1:37 AM Rick Byers  wrote:
>>>
 Thanks for the update Daniel, good luck!

 In case others, like me, have missed or forgotten the long history of
 this difficult deprecation and what it means for web developers, this blog
 post is a good summary
 . One
 critical thing it doesn't mention, but probably should, is that the 
 OriginAgentClusterDefaultEnabled
 enterprise policy
 
 can also be used to revert the default on managed devices (though it looks
 like the launching milestone needs to be updated there too).

 Rick

 On Fri, Jan 13, 2023 at 9:53 AM 'Daniel Vogelheim' via blink-dev <
 blink-dev@chromium.org> wrote:

> Hello all,
>
> We've now handled the bugs we've discovered, and I would like to make
> another attempt at launching. I'll follow the plan that was approved here,
> but two milestones later: Launch to 50% beta in M111 (or late M110, if I
> can still catch a bit of that release cycle), and then ramp on stable once
> M112 is out.
>
>
> On Wed, Dec 14, 2022 at 6:36 PM Daniel Vogelheim 
> wrote:
>
>> Hello all,
>>
>> An update: Unfortunately we have discovered a bug with this feature,
>> just as I was getting ready to enable it. The bug also affects pages that
>> have not even set document.domain. Since I have now missed a substantial
>> portion of the 109 beta cycle I'd like to delay the roll out once more, 
>> and
>> shift it by one milestone (or two; depending on when everything is 
>> fixed).
>>
>> On the positive side: Recently the last of the previously identified
>> big document.domain users, that together accounted for about 50% of
>> remaining usage, has dropped their usage. So current usage is lower than
>> previously reported. See the usage dip around late November at
>> deprecate.it (1st graph).
>>
>> On Thu, Nov 10, 2022 at 5:42 PM Mike Taylor 
>> wrote:
>>
>>> LGTM3
>>>
>>> On 11/10/22 11:18 AM, Chris Harrelson wrote:
>>>
>>> LGTM2
>>>
>>> On Thu, Nov 10, 2022, 4:19 AM Yoav Weiss 
>>> wrote:
>>>
 LGTM1 to roll this out to 50% of Beta/Dev/Canary for either M108 or
 M109, and carefully roll this out for M110, once it hits stable.

 On Wed, Nov 9, 2022 at 7:05 PM Daniel Vogelheim <
 vogelh...@google.com> wrote:

> On Wed, Nov 9, 2022 at 6:10 PM Mike Taylor 
> wrote:
>
>> On 10/27/22 11:49 PM, 'Daniel Vogelheim' via blink-dev wrote:
>>
>> Hello all,
>>
>> The approval for the Intent To Ship for Origin Isolation By
>> Default / Deprecate document.domain
>> 
>> asks for a separate intent for the actual default change
>> .
>> This is that separate intent.
>>
>> A summary of what happened so far:
>>
>> - Shipping Origin Isolation by Default (and thereby deprecating
>> document.domain) has security benefits, but compatibility risk.
>>
>> - We added warnings to the developer console and issues panel,
>> published a blog post, and engaged in direct outreach. This has 
>> resulted in
>> substantial, measurable reduction of usage. Some sites keep using
>> document.domain, but have mitigated the deprecation with other 
>> means. This
>> makes the risk difficult to measure.
>>
>> - Sampling of sites with document.domain usage and manual
>> inspection yields a potential breakage estimate at ~0.015% of page 
>> views.
>>
>> What we're asking for here is:
>>
>> - Enable the feature at 50% for beta (+ dev + canary) during
>> M109, as a "last call" for web site authors.
>>
>> This sounds like a good idea. Is

Re: [blink-dev] Intent to Ship: Origin Isolation By Default / Deprecate document.domain on stable

2023-01-16 Thread 'Eiji Kitamura' via blink-dev 
I've updated the blog post
 stating
Chrome 111 is where we ship the feature, but looks like it's rolling out
through 111 and 112?
I'll update the blog post to mention `OriginAgentClusterDefaultEnabled`
enterprise policy.


On Sat, Jan 14, 2023 at 1:37 AM Rick Byers  wrote:

> Thanks for the update Daniel, good luck!
>
> In case others, like me, have missed or forgotten the long history of this
> difficult deprecation and what it means for web developers, this blog
> post is a good summary
> . One
> critical thing it doesn't mention, but probably should, is that the 
> OriginAgentClusterDefaultEnabled
> enterprise policy
> 
> can also be used to revert the default on managed devices (though it looks
> like the launching milestone needs to be updated there too).
>
> Rick
>
> On Fri, Jan 13, 2023 at 9:53 AM 'Daniel Vogelheim' via blink-dev <
> blink-dev@chromium.org> wrote:
>
>> Hello all,
>>
>> We've now handled the bugs we've discovered, and I would like to make
>> another attempt at launching. I'll follow the plan that was approved here,
>> but two milestones later: Launch to 50% beta in M111 (or late M110, if I
>> can still catch a bit of that release cycle), and then ramp on stable once
>> M112 is out.
>>
>>
>> On Wed, Dec 14, 2022 at 6:36 PM Daniel Vogelheim 
>> wrote:
>>
>>> Hello all,
>>>
>>> An update: Unfortunately we have discovered a bug with this feature,
>>> just as I was getting ready to enable it. The bug also affects pages that
>>> have not even set document.domain. Since I have now missed a substantial
>>> portion of the 109 beta cycle I'd like to delay the roll out once more, and
>>> shift it by one milestone (or two; depending on when everything is fixed).
>>>
>>> On the positive side: Recently the last of the previously identified
>>> big document.domain users, that together accounted for about 50% of
>>> remaining usage, has dropped their usage. So current usage is lower than
>>> previously reported. See the usage dip around late November at
>>> deprecate.it (1st graph).
>>>
>>> On Thu, Nov 10, 2022 at 5:42 PM Mike Taylor 
>>> wrote:
>>>
 LGTM3

 On 11/10/22 11:18 AM, Chris Harrelson wrote:

 LGTM2

 On Thu, Nov 10, 2022, 4:19 AM Yoav Weiss 
 wrote:

> LGTM1 to roll this out to 50% of Beta/Dev/Canary for either M108 or
> M109, and carefully roll this out for M110, once it hits stable.
>
> On Wed, Nov 9, 2022 at 7:05 PM Daniel Vogelheim 
> wrote:
>
>> On Wed, Nov 9, 2022 at 6:10 PM Mike Taylor 
>> wrote:
>>
>>> On 10/27/22 11:49 PM, 'Daniel Vogelheim' via blink-dev wrote:
>>>
>>> Hello all,
>>>
>>> The approval for the Intent To Ship for Origin Isolation By Default
>>> / Deprecate document.domain
>>> 
>>> asks for a separate intent for the actual default change
>>> .
>>> This is that separate intent.
>>>
>>> A summary of what happened so far:
>>>
>>> - Shipping Origin Isolation by Default (and thereby deprecating
>>> document.domain) has security benefits, but compatibility risk.
>>>
>>> - We added warnings to the developer console and issues panel,
>>> published a blog post, and engaged in direct outreach. This has 
>>> resulted in
>>> substantial, measurable reduction of usage. Some sites keep using
>>> document.domain, but have mitigated the deprecation with other means. 
>>> This
>>> makes the risk difficult to measure.
>>>
>>> - Sampling of sites with document.domain usage and manual inspection
>>> yields a potential breakage estimate at ~0.015% of page views.
>>>
>>> What we're asking for here is:
>>>
>>> - Enable the feature at 50% for beta (+ dev + canary) during M109,
>>> as a "last call" for web site authors.
>>>
>>> This sounds like a good idea. Is there any reason we couldn't go to
>>> 50% in M108 as well (or are you trying to avoid breakage over the winter
>>> holidays)?
>>>
>> No reason. I'd be happy to go to beta as soon as I receive the lgtms.
>> I had conservatively budgeted that to be 109. :-)
>>
>>
>>> Another question: do we have enterprise policies available for this
>>> change?
>>>
>>
>> Yes; the policy is here: OriginAgentClusterDefaultEnabled
>> 
>>
>>
>>> - Launch on stable on M110. (~ Feb '23, so >12 weeks out from today)
>>>
>>>
>>> 
>>>
>>>