[blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-08 Thread Nicolás Peña
Contact emails n...@chromium.org Explainer https://github.com/fedidcg/FedCM/blob/main/explorations/iframe_support.md Specification https://fedidcg.github.io/FedCM/#permissions-policy-integration Summary Adds support for calling the FedCM API inside cross-origin iframes via a permissions polic

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-12 Thread Yoav Weiss
On Thu, Dec 8, 2022 at 4:38 PM Nicolás Peña wrote: > Contact emails > > n...@chromium.org > Explainer > > https://github.com/fedidcg/FedCM/blob/main/explorations/iframe_support.md > Would be great to have some more explicit examples in the explainer. For example, it's not immediately obvious to

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-12 Thread Nicolás Peña
I was not aware that Permissions-Policy enables having support for just JS or just HTTP header support, but in our case we want to ship both, which is the default. I have added a couple of examples at the bottom of that explainer. On Monday, December 12, 2022 at 4:41:49 AM UTC-5 Yoav Weiss wro

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-12 Thread Yoav Weiss
LGTM1 On Mon, Dec 12, 2022 at 8:14 PM Nicolás Peña wrote: > I was not aware that Permissions-Policy enables having support for just JS > or just HTTP header support, but in our case we want to ship both, which is > the default. I have added a couple of examples at the bottom of that > explainer.

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-13 Thread Mike Taylor
LGTM2 On 12/12/22 11:03 PM, Yoav Weiss wrote: LGTM1 On Mon, Dec 12, 2022 at 8:14 PM Nicolás Peña wrote: I was not aware that Permissions-Policy enables having support for just JS or just HTTP header support, but in our case we want to ship both, which is the default. I have added

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-14 Thread Rick Byers
I'm recusing myself from FedCM again, since I'm working in this space. But FWIW I think this should be a pretty uncontroversial extension, consistent with other power capabilities which we enable to be delegated down to iframes (since conspiring script could generally polyfill such things with post

Re: [blink-dev] Intent to Ship: FedCM on cross-origin iframes

2022-12-15 Thread Chris Harrelson
LGTM3 On Tue, Dec 13, 2022 at 6:31 AM Mike Taylor wrote: > LGTM2 > > On 12/12/22 11:03 PM, Yoav Weiss wrote: > > LGTM1 > > On Mon, Dec 12, 2022 at 8:14 PM Nicolás Peña wrote: > >> I was not aware that Permissions-Policy enables having support for just >> JS or just HTTP header support, but in o