cross-origin isolation

1. Use origin instead of site as the agent cluster key for cross-origin isolated agent clusters. document.domain mutation is a no-op for agents in cross-origin isolated agent clusters.
2. Introduce the cross-origin isolated permission (https://w3c.github.io/webappsec-feature-policy/).
3. Introduce self.crossOriginIsolated, which returns whether the surrounding agent cluster is cross-origin isolated and the environment has the cross-origin isolated permission.

Motivation

Following the discovery of Spectre/Meltdown, sensitive APIs such as SharedArrayBuffer were disabled on certain platforms with a lot of shared processes (e.g. Android). We want to give developers the opportunity to use these features while maintaining a good level of security. We believe COOP and COEP ensure sufficient security boundaries. When both COOP and COEP are set, we set crossOriginIsolated to true, which in the long run will allow the use of such powerful APIs.
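As an added example (not code from the Chromium project), the following checks whether a response carries enforcing COOP and COEP values and gates shared-memory use on the browser's own self.crossOriginIsolated verdict. The function names and sample responses are constructed, and the audit covers the two headers only, not the permission or other requirements.

```javascript
// Added example: header names/values are the standard COOP/COEP ones;
// function names and sample responses are constructed for illustration.
const REQUIRED = {
  'cross-origin-opener-policy': ['same-origin'],
  // 'credentialless' was standardized after this feature shipped.
  'cross-origin-embedder-policy': ['require-corp', 'credentialless'],
};

// Structured-field item: token first, optional ";param" list after it.
// Tokens are case-sensitive, so "Same-Origin" does not match.
function policyToken(value) {
  return String(value).split(';')[0].trim();
}

// Returns the reasons a response would NOT yield an isolated document.
function auditIsolationHeaders(rawHeaders) {
  const headers = {};
  for (const [name, value] of Object.entries(rawHeaders)) {
    headers[name.toLowerCase()] = value;
  }
  const findings = [];
  for (const [name, allowed] of Object.entries(REQUIRED)) {
    if (!(name in headers)) {
      const hasReportOnly = `${name}-report-only` in headers;
      findings.push(hasReportOnly
        ? `${name}: only the report-only variant is set (not enforced)`
        : `${name}: missing`);
    } else if (!allowed.includes(policyToken(headers[name]))) {
      findings.push(`${name}: "${headers[name]}" does not enable isolation`);
    }
  }
  return findings;
}

// Runtime gate: trust the browser's verdict, not the headers you think you sent.
function canUseSharedMemory(scope) {
  return scope.crossOriginIsolated === true &&
         typeof scope.SharedArrayBuffer === 'function';
}

// Constructed sample responses.
const isolated = { 'Cross-Origin-Opener-Policy': 'same-origin; report-to="coop"',
                   'Cross-Origin-Embedder-Policy': 'require-corp' };
const reportOnlyResponse = { 'Cross-Origin-Opener-Policy': 'same-origin',
                             'Cross-Origin-Embedder-Policy-Report-Only': 'require-corp' };
console.log(auditIsolationHeaders(isolated));
console.log(auditIsolationHeaders(reportOnlyResponse));
console.log(canUseSharedMemory(globalThis));
```
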

Documentation

Specification

Editor's draft

Status in Chromium

Blink>SecurityFeature


Enabled by default (tracking bug) in:

  • Chrome for desktop release 87
  • Chrome for Android release 87

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • Shipped/Shipping
  • No signal
  • No signal
  • No signals

Owners

Search tags

COOP, COEP, crossOriginIsolated

Last updated on 2020-10-20