Hello,
filesystem: URLs were one of the remaining proprietary behavior when I
was trying to unify the notions of "secure context" in Chromium [1]. I
support a plan for unshipping it.
To elaborate a bit, a URL is potentially trustworthy if its origin is
potentially trustworthy [2]. But Chromium determines the origin of
filesystem: URLs the same as blob: URLs, instead of treating them as
opaque origins per the WHATWG spec [3] [4].
So maybe that's a silly idea, but perhaps another intermediate step
before full removal would be to stop treating filesystem: URLs as
trustworthy if their origin is trustworthy? That would be an easy way to
limit what web developers can do with filesystem: URLs, while still
keeping the core support in place.
[1] https://groups.google.com/a/chromium.org/g/blink-dev/c/2fNfT6DEWJo
[2] https://w3c.github.io/webappsec-secure-contexts/#is-url-trustworthy
[3] https://url.spec.whatwg.org/#concept-url-origin
[4] https://github.com/w3c/webappsec-secure-contexts/pull/89
Le 01/02/2022 à 10:32, Mike West a écrit :
I worry that removing `filesystem:` for media elements on Android,
while maintaining support for other platforms, will end up causing
some developer confusion without much value for the codebase as a
whole (since we need to maintain all the exciting bits and pieces of
infrastructure). Are the numbers you quoted for media elements on
those other platforms, or all element types? Perhaps we could remove
support for media elements on all platforms if there's substantial
benefit to doing so.
Honestly, I'd prefer that we outline a plan to fully remove
`filesystem:` if we're not going to support it going forward (+Josh
and +Victor). It has some pretty complicated effects on the security
state of navigations, and while we have a reasonable plan for
PolicyContainer integration with `blob:` URLs, we're still a ways away
from doing the same for `filesystem:`. Is there a path towards
deprecating and dropping support on other platforms? The large
ChromeOS usage makes me somewhat suspicious that this is wrapped up in
one Google property or another... have y'all done that analysis?
-mike
On Wednesday, January 26, 2022 at 7:48:54 PM UTC+1 Brianna Goldstein
wrote:
Additionally to follow up on @Chris Harrelson
<mailto:chris...@chromium.org>'s question on usage - Chrome OS
usage is 1.38%, Mac OSX is at 0.12% and Windows is 0.05%. We
propose to only remove support for Android here.
On Tue, Jan 25, 2022 at 7:13 PM Chris Harrelson
<chris...@chromium.org> wrote:
Hi, could you outline the use counter values for other
platforms? Also, is there something special about Android that
leads you to want to disable only there?
On Tue, Jan 25, 2022 at 1:58 PM Brianna Goldstein
<brgoldst...@chromium.org> wrote:
Primary eng (and PM) emails
brgoldst...@google.com <mailto:brgoldst...@google.com>,
m...@chromium.com <mailto:m...@google.com>,
jadekess...@chromium.com <mailto:jadekess...@chromium.com>
Explainer
Storage partitioning explainer
<https://github.com/wanderview/quota-storage-partitioning/blob/main/explainer.md#storage-apis>
Summary
We propose to remove support for loading media via
filesystem:// URLs on Android.
Motivation
As part of our storage partitioning efforts, we will need
to update Filesystem URLs to be partitioned by StorageKey
rather than by Origin. Doing this will add complexity
since the entire current codepath on Android is not
dependent on Blink where StorageKey currently lives. On
Android only 0.0000001% of URLs loaded by <audio> or
<video> use the filesystem:// URL scheme and we consider
this low enough usage to remove support, rather than do
the work of partitioning. Note that this removal is only
for Android. On other platforms there will be no effect
and media playback of filesystem:// URLs will continue to
work.
Blink component
Blink>Storage
<https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EStorage>
Initial public proposal
None
TAG review
None
TAG review status
N/A
Interoperability and Compatibility Risk
Interoperability risk:
The filesystem:// URL scheme was never widely adopted and
is only implemented by Chrome. Therefore there should be
no interoperability risks associated with this feature
depreciation.
Compatibility risk:
This feature is very low usage as only 0.0000001% of URLs
loaded by <audio> or <video> use the filesystem:// URL
scheme. Therefore the expected compatibility risk is very low.
Alternative implementation suggestion for web developers
Developers can continue to load media from other schemes
(http, https, blob, file, etc.).
Usage information from UMA
Android Chrome (Browser App): 0.0000001%
Android Webview: 0.0%
Tracking Bug
https://bugs.chromium.org/p/chromium/issues/detail?id=1258029
<https://bugs.chromium.org/p/chromium/issues/detail?id=1258029>
Entry on the feature dashboard
https://chromestatus.com/feature/5632429577469952
<https://chromestatus.com/feature/5632429577469952>
--
You received this message because you are subscribed to
the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails
from it, send an email to
blink-dev+unsubscr...@chromium.org
<mailto:blink-dev+unsubscr...@chromium.org>.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALDP-vS2KA47PGLh3YkxqAr9z24nP1_u%2BtvY6eWzqSQgq987cQ%40mail.gmail.com
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALDP-vS2KA47PGLh3YkxqAr9z24nP1_u%2BtvY6eWzqSQgq987cQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google
Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8670f31d-d4d2-443f-8757-250bb5611cdbn%40chromium.org
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8670f31d-d4d2-443f-8757-250bb5611cdbn%40chromium.org?utm_medium=email&utm_source=footer>.
--
Frédéric Wang
--
You received this message because you are subscribed to the Google Groups
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/554fbc89-d843-1951-9904-ff238b759a72%40igalia.com.
